Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-41946 (GCVE-0-2024-41946)
Vulnerability from cvelistv5 – Published: 2024-08-01 14:22 – Updated: 2025-11-03 20:38
VLAI
EPSS
Title
REXML DoS vulnerability
Summary
REXML is an XML toolkit for Ruby. The REXML gem 3.3.2 has a DoS vulnerability when it parses an XML that has many entity expansions with SAX2 or pull parser API. The REXML gem 3.3.3 or later include the patch to fix the vulnerability.
Severity
5.3 (Medium)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://github.com/ruby/rexml/security/advisories… | x_refsource_CONFIRM |
| https://github.com/ruby/rexml/commit/033d1909a8f2… | x_refsource_MISC |
| https://www.ruby-lang.org/en/news/2008/08/23/dos-… | x_refsource_MISC |
| https://www.ruby-lang.org/en/news/2024/08/01/dos-… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:ruby-lang:rexml:*:*:*:*:*:ruby:*:*"
],
"defaultStatus": "unknown",
"product": "rexml",
"vendor": "ruby-lang",
"versions": [
{
"lessThan": "3.3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-41946",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-01T15:45:10.507112Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-01T15:50:11.993Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:38:34.071Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20250117-0007/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00011.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "rexml",
"vendor": "ruby",
"versions": [
{
"status": "affected",
"version": "\u003c 3.3.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "REXML is an XML toolkit for Ruby. The REXML gem 3.3.2 has a DoS vulnerability when it parses an XML that has many entity expansions with SAX2 or pull parser API. The REXML gem 3.3.3 or later include the patch to fix the vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-01T14:22:14.014Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/ruby/rexml/security/advisories/GHSA-5866-49gr-22v4",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/ruby/rexml/security/advisories/GHSA-5866-49gr-22v4"
},
{
"name": "https://github.com/ruby/rexml/commit/033d1909a8f259d5a7c53681bcaf14f13bcf0368",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/ruby/rexml/commit/033d1909a8f259d5a7c53681bcaf14f13bcf0368"
},
{
"name": "https://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml",
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml"
},
{
"name": "https://www.ruby-lang.org/en/news/2024/08/01/dos-rexml-cve-2024-41946",
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ruby-lang.org/en/news/2024/08/01/dos-rexml-cve-2024-41946"
}
],
"source": {
"advisory": "GHSA-5866-49gr-22v4",
"discovery": "UNKNOWN"
},
"title": "REXML DoS vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-41946",
"datePublished": "2024-08-01T14:22:14.014Z",
"dateReserved": "2024-07-24T16:51:40.948Z",
"dateUpdated": "2025-11-03T20:38:34.071Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-41946",
"date": "2026-05-31",
"epss": "0.00679",
"percentile": "0.71898"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-41946\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2024-08-01T15:15:14.100\",\"lastModified\":\"2025-11-03T21:16:17.533\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"REXML is an XML toolkit for Ruby. The REXML gem 3.3.2 has a DoS vulnerability when it parses an XML that has many entity expansions with SAX2 or pull parser API. The REXML gem 3.3.3 or later include the patch to fix the vulnerability.\"},{\"lang\":\"es\",\"value\":\"REXML es un conjunto de herramientas XML para Ruby. La gema REXML 3.3.2 tiene una vulnerabilidad DoS cuando analiza un XML que tiene muchas expansiones de entidad con SAX2 o API de analizador de extracci\u00f3n. La gema REXML 3.3.3 o posterior incluye el parche para corregir la vulnerabilidad.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ruby-lang:rexml:*:*:*:*:*:ruby:*:*\",\"versionEndExcluding\":\"3.3.3\",\"matchCriteriaId\":\"E5CFEABA-B7D5-4D35-9C56-CC81B839DD36\"}]}]}],\"references\":[{\"url\":\"https://github.com/ruby/rexml/commit/033d1909a8f259d5a7c53681bcaf14f13bcf0368\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/ruby/rexml/security/advisories/GHSA-5866-49gr-22v4\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Not Applicable\"]},{\"url\":\"https://www.ruby-lang.org/en/news/2024/08/01/dos-rexml-cve-2024-41946\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/01/msg00011.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20250117-0007/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://security.netapp.com/advisory/ntap-20250117-0007/\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2025/01/msg00011.html\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-03T20:38:34.071Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-41946\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-08-01T15:45:10.507112Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:ruby-lang:rexml:*:*:*:*:*:ruby:*:*\"], \"vendor\": \"ruby-lang\", \"product\": \"rexml\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"3.3.3\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-01T15:46:03.129Z\"}}], \"cna\": {\"title\": \"REXML DoS vulnerability\", \"source\": {\"advisory\": \"GHSA-5866-49gr-22v4\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"ruby\", \"product\": \"rexml\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 3.3.3\"}]}], \"references\": [{\"url\": \"https://github.com/ruby/rexml/security/advisories/GHSA-5866-49gr-22v4\", \"name\": \"https://github.com/ruby/rexml/security/advisories/GHSA-5866-49gr-22v4\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/ruby/rexml/commit/033d1909a8f259d5a7c53681bcaf14f13bcf0368\", \"name\": \"https://github.com/ruby/rexml/commit/033d1909a8f259d5a7c53681bcaf14f13bcf0368\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml\", \"name\": \"https://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.ruby-lang.org/en/news/2024/08/01/dos-rexml-cve-2024-41946\", \"name\": \"https://www.ruby-lang.org/en/news/2024/08/01/dos-rexml-cve-2024-41946\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"REXML is an XML toolkit for Ruby. The REXML gem 3.3.2 has a DoS vulnerability when it parses an XML that has many entity expansions with SAX2 or pull parser API. The REXML gem 3.3.3 or later include the patch to fix the vulnerability.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-400\", \"description\": \"CWE-400: Uncontrolled Resource Consumption\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2024-08-01T14:22:14.014Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-41946\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-03T20:38:34.071Z\", \"dateReserved\": \"2024-07-24T16:51:40.948Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2024-08-01T14:22:14.014Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
CERTFR-2025-AVI-0855
Vulnerability from certfr_avis - Published: 2025-10-09 - Updated: 2025-10-09
De multiples vulnérabilités ont été découvertes dans les produits Juniper Networks. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS | Junos OS versions 24.4 antérieures à 24.4R2 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions antérieures à 22.4R3-S8-EVO | ||
| Juniper Networks | Junos OS | Junos OS versions 23.4 antérieures à 23.4R2-S5 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions 23.2-EVO antérieures à 23.2R2-S4-EVO | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 22.4R3-S8 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions 24.2-EVO antérieures à 24.2R2-S2-EVO | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions 24.4-EVO antérieures à 24.4R2-EVO | ||
| Juniper Networks | Junos Space | Junos Space versions antérieures à 24.1R4 | ||
| Juniper Networks | Security Director | Security Director Policy Enforcer versions antérieures à 23.1R1 Hotpatch v3 | ||
| Juniper Networks | Junos Space | Junos Space Security Director versions antérieures à 24.1R4 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions 23.4-EVO antérieures à 23.4R2-S5-EVO | ||
| Juniper Networks | Junos OS | Junos OS versions 23.2 antérieures à 23.2R2-S4 | ||
| Juniper Networks | Junos OS | Junos OS versions 24.2 antérieures à 24.2R2-S1 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Junos OS versions 24.4 ant\u00e9rieures \u00e0 24.4R2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 22.4R3-S8-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 23.4 ant\u00e9rieures \u00e0 23.4R2-S5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 23.2-EVO ant\u00e9rieures \u00e0 23.2R2-S4-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 22.4R3-S8",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 24.2-EVO ant\u00e9rieures \u00e0 24.2R2-S2-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 24.4-EVO ant\u00e9rieures \u00e0 24.4R2-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos Space versions ant\u00e9rieures \u00e0 24.1R4",
"product": {
"name": "Junos Space",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Security Director Policy Enforcer versions ant\u00e9rieures \u00e0 23.1R1 Hotpatch v3",
"product": {
"name": "Security Director",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos Space Security Director versions ant\u00e9rieures \u00e0 24.1R4",
"product": {
"name": "Junos Space",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 23.4-EVO ant\u00e9rieures \u00e0 23.4R2-S5-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 23.2 ant\u00e9rieures \u00e0 23.2R2-S4",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 24.2 ant\u00e9rieures \u00e0 24.2R2-S1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-24795",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24795"
},
{
"name": "CVE-2024-36903",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36903"
},
{
"name": "CVE-2023-44431",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44431"
},
{
"name": "CVE-2021-47606",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47606"
},
{
"name": "CVE-2025-59993",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59993"
},
{
"name": "CVE-2025-59997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59997"
},
{
"name": "CVE-2023-7104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
},
{
"name": "CVE-2025-59995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59995"
},
{
"name": "CVE-2024-21235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
},
{
"name": "CVE-2023-28466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28466"
},
{
"name": "CVE-2024-36921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36921"
},
{
"name": "CVE-2025-59986",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59986"
},
{
"name": "CVE-2025-60009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-60009"
},
{
"name": "CVE-2025-59989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59989"
},
{
"name": "CVE-2024-26897",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26897"
},
{
"name": "CVE-2023-46103",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46103"
},
{
"name": "CVE-2024-27052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27052"
},
{
"name": "CVE-2023-2235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2235"
},
{
"name": "CVE-2025-59999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59999"
},
{
"name": "CVE-2025-59994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59994"
},
{
"name": "CVE-2024-4076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4076"
},
{
"name": "CVE-2025-59967",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59967"
},
{
"name": "CVE-2022-24805",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24805"
},
{
"name": "CVE-2024-12797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
},
{
"name": "CVE-2023-3390",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3390"
},
{
"name": "CVE-2024-37356",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37356"
},
{
"name": "CVE-2024-47538",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47538"
},
{
"name": "CVE-2023-4004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4004"
},
{
"name": "CVE-2024-21823",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21823"
},
{
"name": "CVE-2025-59991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59991"
},
{
"name": "CVE-2024-5564",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5564"
},
{
"name": "CVE-2024-26600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26600"
},
{
"name": "CVE-2023-28746",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28746"
},
{
"name": "CVE-2023-52864",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52864"
},
{
"name": "CVE-2025-26600",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26600"
},
{
"name": "CVE-2024-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
},
{
"name": "CVE-2024-27280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27280"
},
{
"name": "CVE-2024-36929",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36929"
},
{
"name": "CVE-2023-35788",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35788"
},
{
"name": "CVE-2025-59982",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59982"
},
{
"name": "CVE-2024-1975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1975"
},
{
"name": "CVE-2023-43785",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43785"
},
{
"name": "CVE-2024-30205",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30205"
},
{
"name": "CVE-2018-17247",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17247"
},
{
"name": "CVE-2025-60004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-60004"
},
{
"name": "CVE-2023-51594",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51594"
},
{
"name": "CVE-2024-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22025"
},
{
"name": "CVE-2023-50229",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50229"
},
{
"name": "CVE-2025-59974",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59974"
},
{
"name": "CVE-2025-26598",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26598"
},
{
"name": "CVE-2018-3824",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3824"
},
{
"name": "CVE-2024-40928",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40928"
},
{
"name": "CVE-2024-43398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43398"
},
{
"name": "CVE-2024-8508",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8508"
},
{
"name": "CVE-2024-36020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36020"
},
{
"name": "CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"name": "CVE-2025-59981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59981"
},
{
"name": "CVE-2023-31248",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31248"
},
{
"name": "CVE-2024-1737",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1737"
},
{
"name": "CVE-2023-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25193"
},
{
"name": "CVE-2021-4104",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4104"
},
{
"name": "CVE-2024-30203",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30203"
},
{
"name": "CVE-2023-3090",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3090"
},
{
"name": "CVE-2024-35937",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35937"
},
{
"name": "CVE-2025-59968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59968"
},
{
"name": "CVE-2023-51592",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51592"
},
{
"name": "CVE-2025-59990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59990"
},
{
"name": "CVE-2021-22146",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22146"
},
{
"name": "CVE-2025-59978",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59978"
},
{
"name": "CVE-2024-25629",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25629"
},
{
"name": "CVE-2024-36017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36017"
},
{
"name": "CVE-2024-24806",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24806"
},
{
"name": "CVE-2024-27434",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27434"
},
{
"name": "CVE-2023-47038",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47038"
},
{
"name": "CVE-2024-35852",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35852"
},
{
"name": "CVE-2024-38558",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38558"
},
{
"name": "CVE-2025-59992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59992"
},
{
"name": "CVE-2024-35845",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35845"
},
{
"name": "CVE-2021-41072",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41072"
},
{
"name": "CVE-2025-60000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-60000"
},
{
"name": "CVE-2022-24807",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24807"
},
{
"name": "CVE-2024-47607",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47607"
},
{
"name": "CVE-2024-27065",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27065"
},
{
"name": "CVE-2024-36005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36005"
},
{
"name": "CVE-2023-45866",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45866"
},
{
"name": "CVE-2023-27349",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27349"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2015-5377",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5377"
},
{
"name": "CVE-2023-48161",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48161"
},
{
"name": "CVE-2022-24810",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24810"
},
{
"name": "CVE-2024-33621",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33621"
},
{
"name": "CVE-2024-27983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27983"
},
{
"name": "CVE-2025-60001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-60001"
},
{
"name": "CVE-2024-5742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5742"
},
{
"name": "CVE-2023-50230",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50230"
},
{
"name": "CVE-2025-52960",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52960"
},
{
"name": "CVE-2024-36922",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36922"
},
{
"name": "CVE-2025-59996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59996"
},
{
"name": "CVE-2024-39487",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39487"
},
{
"name": "CVE-2024-27982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27982"
},
{
"name": "CVE-2023-38575",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38575"
},
{
"name": "CVE-2024-35911",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35911"
},
{
"name": "CVE-2025-59957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59957"
},
{
"name": "CVE-2025-59958",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59958"
},
{
"name": "CVE-2021-41043",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41043"
},
{
"name": "CVE-2018-17244",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17244"
},
{
"name": "CVE-2019-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
},
{
"name": "CVE-2024-39908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39908"
},
{
"name": "CVE-2025-26597",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26597"
},
{
"name": "CVE-2024-36971",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36971"
},
{
"name": "CVE-2023-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2603"
},
{
"name": "CVE-2024-41946",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41946"
},
{
"name": "CVE-2023-3776",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3776"
},
{
"name": "CVE-2024-42934",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42934"
},
{
"name": "CVE-2023-51580",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51580"
},
{
"name": "CVE-2024-35848",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35848"
},
{
"name": "CVE-2024-27417",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27417"
},
{
"name": "CVE-2023-21102",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21102"
},
{
"name": "CVE-2024-27281",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27281"
},
{
"name": "CVE-2025-59983",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59983"
},
{
"name": "CVE-2024-36941",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36941"
},
{
"name": "CVE-2024-2236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2236"
},
{
"name": "CVE-2024-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38428"
},
{
"name": "CVE-2024-35969",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35969"
},
{
"name": "CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"name": "CVE-2025-60006",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-60006"
},
{
"name": "CVE-2024-36489",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36489"
},
{
"name": "CVE-2015-1427",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1427"
},
{
"name": "CVE-2024-38575",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38575"
},
{
"name": "CVE-2024-35899",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35899"
},
{
"name": "CVE-2024-35823",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35823"
},
{
"name": "CVE-2024-40954",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40954"
},
{
"name": "CVE-2024-9632",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9632"
},
{
"name": "CVE-2023-38408",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38408"
},
{
"name": "CVE-2025-26595",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26595"
},
{
"name": "CVE-2024-26868",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26868"
},
{
"name": "CVE-2023-43787",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43787"
},
{
"name": "CVE-2023-43786",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43786"
},
{
"name": "CVE-2024-8235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8235"
},
{
"name": "CVE-2023-4147",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4147"
},
{
"name": "CVE-2025-59977",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59977"
},
{
"name": "CVE-2023-6004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6004"
},
{
"name": "CVE-2023-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3610"
},
{
"name": "CVE-2025-26596",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26596"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2022-48622",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48622"
},
{
"name": "CVE-2021-42550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42550"
},
{
"name": "CVE-2021-44228",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
},
{
"name": "CVE-2024-26828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26828"
},
{
"name": "CVE-2025-59998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59998"
},
{
"name": "CVE-2024-26808",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26808"
},
{
"name": "CVE-2024-30204",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30204"
},
{
"name": "CVE-2025-60002",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-60002"
},
{
"name": "CVE-2023-35001",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35001"
},
{
"name": "CVE-2024-27282",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27282"
},
{
"name": "CVE-2018-3831",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3831"
},
{
"name": "CVE-2023-43490",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43490"
},
{
"name": "CVE-2025-59976",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59976"
},
{
"name": "CVE-2025-59980",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59980"
},
{
"name": "CVE-2025-26599",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26599"
},
{
"name": "CVE-2024-47615",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47615"
},
{
"name": "CVE-2018-3823",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3823"
},
{
"name": "CVE-2023-22655",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22655"
},
{
"name": "CVE-2024-6126",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6126"
},
{
"name": "CVE-2023-4911",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4911"
},
{
"name": "CVE-2023-39368",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39368"
},
{
"name": "CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"name": "CVE-2024-26853",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26853"
},
{
"name": "CVE-2025-59975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59975"
},
{
"name": "CVE-2025-0624",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0624"
},
{
"name": "CVE-2025-59987",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59987"
},
{
"name": "CVE-2024-40958",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40958"
},
{
"name": "CVE-2018-3826",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3826"
},
{
"name": "CVE-2025-26601",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26601"
},
{
"name": "CVE-2024-52337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52337"
},
{
"name": "CVE-2025-59985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59985"
},
{
"name": "CVE-2025-11198",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11198"
},
{
"name": "CVE-2022-24806",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24806"
},
{
"name": "CVE-2023-32233",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32233"
},
{
"name": "CVE-2024-35789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35789"
},
{
"name": "CVE-2024-26327",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26327"
},
{
"name": "CVE-2015-3253",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3253"
},
{
"name": "CVE-2025-59964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59964"
},
{
"name": "CVE-2025-59988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59988"
},
{
"name": "CVE-2024-21210",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21210"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2024-34397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34397"
},
{
"name": "CVE-2023-45733",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45733"
},
{
"name": "CVE-2021-40153",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40153"
},
{
"name": "CVE-2024-6655",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6655"
},
{
"name": "CVE-2024-41123",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41123"
},
{
"name": "CVE-2024-27049",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27049"
},
{
"name": "CVE-2025-59984",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59984"
},
{
"name": "CVE-2025-52961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52961"
},
{
"name": "CVE-2023-51589",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51589"
},
{
"name": "CVE-2024-21217",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
},
{
"name": "CVE-2024-28182",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28182"
},
{
"name": "CVE-2021-3903",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3903"
},
{
"name": "CVE-2024-35800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35800"
},
{
"name": "CVE-2023-2124",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2124"
},
{
"name": "CVE-2023-51596",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51596"
},
{
"name": "CVE-2025-60010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-60010"
},
{
"name": "CVE-2023-51764",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51764"
},
{
"name": "CVE-2025-26594",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26594"
},
{
"name": "CVE-2024-6409",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6409"
},
{
"name": "CVE-2024-49761",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49761"
},
{
"name": "CVE-2022-24808",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24808"
},
{
"name": "CVE-2025-59962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59962"
},
{
"name": "CVE-2024-21208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21208"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"name": "CVE-2024-40961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40961"
}
],
"initial_release_date": "2025-10-09T00:00:00",
"last_revision_date": "2025-10-09T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0855",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-10-09T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Juniper Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper Networks",
"vendor_advisories": [
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103140",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Multiple-XSS-vulnerabilities-resolved-in-24-1R4-release"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103141",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-24-1R4-release"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103163",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-Evolved-Multiple-OS-command-injection-vulnerabilities-fixed-CVE-2025-60006"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103168",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Device-allows-login-for-user-with-expired-password-CVE-2025-60010"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103171",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Reflected-client-side-HTTP-parameter-pollution-vulnerability-in-web-interface-CVE-2025-59977"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103167",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-When-a-user-with-the-name-ftp-or-anonymous-is-configured-unauthenticated-filesystem-access-is-allowed-CVE-2025-59980"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103156",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-Evolved-ACX7024-ACX7024X-ACX7100-32C-ACX7100-48L-ACX7348-ACX7509-When-specific-valid-multicast-traffic-is-received-on-the-L3-interface-a-vulnerable-device-evo-pfemand-crashes-and-restarts-CVE-2025-59967"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103437",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Security-Director-Policy-Enforcer-An-unrestricted-API-allows-a-network-based-unauthenticated-attacker-to-deploy-malicious-vSRX-images-to-VMWare-NSX-Server-CVE-2025-11198"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103172",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Flooding-device-with-inbound-API-calls-leads-to-WebUI-and-CLI-management-access-DoS-CVE-2025-59975"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103157",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Juniper-Security-Director-Insufficient-authorization-for-sensitive-resources-in-web-interface-CVE-2025-59968"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103170",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Arbitrary-file-download-vulnerability-in-web-interface-CVE-2025-59976"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103139",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Security-Director-Multiple-vulnerabilities-resolved-in-24-1R4"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103151",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-With-BGP-sharding-enabled-change-in-indirect-next-hop-can-cause-RPD-crash-CVE-2025-59962"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103153",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-SRX4700-When-forwarding-options-sampling-is-enabled-any-traffic-destined-to-the-RE-will-cause-the-forwarding-line-card-to-crash-and-restart-CVE-2025-59964"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103147",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-Evolved-PTX-Series-When-firewall-filter-rejects-traffic-these-packets-are-erroneously-sent-to-the-RE-CVE-2025-59958"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103144",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-Evolved-PTX-Series-except-PTX10003-An-unauthenticated-adjacent-attacker-sending-specific-valid-traffic-can-cause-a-memory-leak-in-cfmman-leading-to-FPC-crash-and-restart-CVE-2025-52961"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103143",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-SRX-Series-and-MX-Series-Receipt-of-specific-SIP-packets-in-a-high-utilization-situation-causes-a-flowd-crash-CVE-2025-52960"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103146",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-EX4600-Series-and-QFX5000-Series-An-attacker-with-physical-access-can-open-a-persistent-backdoor-CVE-2025-59957"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103138",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Security-Director-Multiple-vulnerabilities-resolved-in-24-1R4-by-upgrading-Log4j-Java-library-to-2-23-1-and-ElasticSearch-to-6-8-17"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103165",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Specific-BGP-EVPN-update-message-causes-rpd-crash-CVE-2025-60004"
}
]
}
CERTFR-2025-AVI-0969
Vulnerability from certfr_avis - Published: 2025-11-06 - Updated: 2025-11-06
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Kubernetes Runtime | GenAI sur Tanzu Platform pour Cloud Foundry versions antérieures à 10.2.5 | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.90.x | ||
| VMware | Tanzu Kubernetes Runtime | NodeJS Buildpack versions antérieures à 1.8.58 | ||
| VMware | Tanzu Kubernetes Runtime | Python Buildpack versions antérieures à 1.8.63 | ||
| VMware | Tanzu Kubernetes Runtime | VMware Tanzu pour MySQL sur Tanzu Platform versions antérieures à 10.1.0 | ||
| VMware | Tanzu Kubernetes Runtime | API Gateway pour VMware Tanzu Platform versions antérieures à 2.4.0 | ||
| VMware | Tanzu Kubernetes Runtime | PHP Buildpack versions antérieures à 4.6.49 | ||
| VMware | Tanzu Kubernetes Runtime | Single Sign-On pour VMware Tanzu Platform versions antérieures à 1.16.14 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy FIPS) versions antérieures à 1.915.x | ||
| VMware | Tanzu Application Service | CredHub Service Broker versions antérieures à 1.6.6 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy FIPS) versions antérieures à 1.943.x | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions antérieures à 10.2.4+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry Windows versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.915.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry Windows versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Single Sign-On pour VMware Tanzu Application Service versions antérieures à 1.16.13 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.943.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry isolation segment versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.77.x | ||
| VMware | Services Suite | Platform Automation Toolkit versions antérieures à 5.3.2 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy Azure Light) versions antérieures à 1.906.x | ||
| VMware | Tanzu Kubernetes Runtime | Spring Cloud Data Flow pour VMware Tanzu versions antérieures à 1.14.9 | ||
| VMware | Tanzu Kubernetes Runtime | App Autoscaler CLI Plugin pour VMware Tanzu Platform versions antérieures à 250.5.9 | ||
| VMware | Tanzu Kubernetes Runtime | Spring Cloud Services pour VMware Tanzu versions antérieures à 3.3.10 | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Concourse pour VMware Tanzu versions antérieures à 7.14.1+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry isolation segment versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Platform Services pour VMware Tanzu Platform versions antérieures à 10.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Ruby Buildpack versions antérieures à 1.10.46 | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime pour VMware Tanzu Platform versions antérieures à 6.0.21+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Telemetry pour VMware Tanzu Platform versions antérieures à 2.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.103.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Hub versions antérieures à 10.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.906.x |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "GenAI sur Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 10.2.5",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.90.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "NodeJS Buildpack versions ant\u00e9rieures \u00e0 1.8.58",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Python Buildpack versions ant\u00e9rieures \u00e0 1.8.63",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Tanzu pour MySQL sur Tanzu Platform versions ant\u00e9rieures \u00e0 10.1.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "API Gateway pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.4.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "PHP Buildpack versions ant\u00e9rieures \u00e0 4.6.49",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 1.16.14",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy FIPS) versions ant\u00e9rieures \u00e0 1.915.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "CredHub Service Broker versions ant\u00e9rieures \u00e0 1.6.6",
"product": {
"name": "Tanzu Application Service",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy FIPS) versions ant\u00e9rieures \u00e0 1.943.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.4+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry Windows versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.915.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry Windows versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On pour VMware Tanzu Application Service versions ant\u00e9rieures \u00e0 1.16.13",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.943.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.77.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Platform Automation Toolkit versions ant\u00e9rieures \u00e0 5.3.2",
"product": {
"name": "Services Suite",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy Azure Light) versions ant\u00e9rieures \u00e0 1.906.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Data Flow pour VMware Tanzu versions ant\u00e9rieures \u00e0 1.14.9",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "App Autoscaler CLI Plugin pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 250.5.9",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Services pour VMware Tanzu versions ant\u00e9rieures \u00e0 3.3.10",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Concourse pour VMware Tanzu versions ant\u00e9rieures \u00e0 7.14.1+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Platform Services pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Ruby Buildpack versions ant\u00e9rieures \u00e0 1.10.46",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 6.0.21+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Telemetry pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.103.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Hub versions ant\u00e9rieures \u00e0 10.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.906.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2006-3082",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-3082"
},
{
"name": "CVE-2013-2064",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2064"
},
{
"name": "CVE-2014-8140",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8140"
},
{
"name": "CVE-2014-8139",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8139"
},
{
"name": "CVE-2014-8141",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8141"
},
{
"name": "CVE-2015-4779",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4779"
},
{
"name": "CVE-2015-4780",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4780"
},
{
"name": "CVE-2015-4787",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4787"
},
{
"name": "CVE-2015-4790",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4790"
},
{
"name": "CVE-2015-4778",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4778"
},
{
"name": "CVE-2015-4782",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4782"
},
{
"name": "CVE-2015-4789",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4789"
},
{
"name": "CVE-2015-4764",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4764"
},
{
"name": "CVE-2015-4783",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4783"
},
{
"name": "CVE-2015-2583",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2583"
},
{
"name": "CVE-2015-4781",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4781"
},
{
"name": "CVE-2015-4776",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4776"
},
{
"name": "CVE-2015-4786",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4786"
},
{
"name": "CVE-2015-2656",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2656"
},
{
"name": "CVE-2015-4788",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4788"
},
{
"name": "CVE-2015-4785",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4785"
},
{
"name": "CVE-2015-4754",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4754"
},
{
"name": "CVE-2015-4775",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4775"
},
{
"name": "CVE-2015-4777",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4777"
},
{
"name": "CVE-2015-2640",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2640"
},
{
"name": "CVE-2015-4774",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4774"
},
{
"name": "CVE-2015-2626",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2626"
},
{
"name": "CVE-2015-2624",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2624"
},
{
"name": "CVE-2015-4784",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4784"
},
{
"name": "CVE-2015-2654",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2654"
},
{
"name": "CVE-2017-7244",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7244"
},
{
"name": "CVE-2017-6004",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6004"
},
{
"name": "CVE-2017-7186",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7186"
},
{
"name": "CVE-2017-7246",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7246"
},
{
"name": "CVE-2018-10919",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10919"
},
{
"name": "CVE-2020-2754",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2754"
},
{
"name": "CVE-2020-2756",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2756"
},
{
"name": "CVE-2020-2805",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2805"
},
{
"name": "CVE-2020-2830",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2830"
},
{
"name": "CVE-2020-2757",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2757"
},
{
"name": "CVE-2020-2800",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2800"
},
{
"name": "CVE-2020-2803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2803"
},
{
"name": "CVE-2020-2755",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2755"
},
{
"name": "CVE-2020-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2781"
},
{
"name": "CVE-2020-2773",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2773"
},
{
"name": "CVE-2019-13136",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13136"
},
{
"name": "CVE-2020-14579",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14579"
},
{
"name": "CVE-2020-14577",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14577"
},
{
"name": "CVE-2020-14578",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14578"
},
{
"name": "CVE-2020-14621",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14621"
},
{
"name": "CVE-2020-14583",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14583"
},
{
"name": "CVE-2020-14581",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14581"
},
{
"name": "CVE-2020-14664",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14664"
},
{
"name": "CVE-2020-14593",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14593"
},
{
"name": "CVE-2020-14556",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14556"
},
{
"name": "CVE-2019-19906",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19906"
},
{
"name": "CVE-2019-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
},
{
"name": "CVE-2020-14796",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14796"
},
{
"name": "CVE-2020-14803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14803"
},
{
"name": "CVE-2020-14792",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14792"
},
{
"name": "CVE-2020-14779",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14779"
},
{
"name": "CVE-2020-14798",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14798"
},
{
"name": "CVE-2020-14797",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14797"
},
{
"name": "CVE-2020-14781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14781"
},
{
"name": "CVE-2020-14782",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14782"
},
{
"name": "CVE-2020-14155",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14155"
},
{
"name": "CVE-2019-20838",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20838"
},
{
"name": "CVE-2019-25013",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25013"
},
{
"name": "CVE-2020-28196",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28196"
},
{
"name": "CVE-2021-2161",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2161"
},
{
"name": "CVE-2021-2163",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2163"
},
{
"name": "CVE-2021-25217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25217"
},
{
"name": "CVE-2019-13232",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13232"
},
{
"name": "CVE-2021-0561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0561"
},
{
"name": "CVE-2021-29921",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29921"
},
{
"name": "CVE-2014-3577",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3577"
},
{
"name": "CVE-2012-6153",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6153"
},
{
"name": "CVE-2015-5262",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5262"
},
{
"name": "CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"name": "CVE-2021-2388",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2388"
},
{
"name": "CVE-2021-2341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2341"
},
{
"name": "CVE-2021-2369",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2369"
},
{
"name": "CVE-2020-10029",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10029"
},
{
"name": "CVE-2013-0340",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0340"
},
{
"name": "CVE-2019-18276",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18276"
},
{
"name": "CVE-2021-3520",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3520"
},
{
"name": "CVE-2021-3421",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3421"
},
{
"name": "CVE-2021-3326",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3326"
},
{
"name": "CVE-2019-2708",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2708"
},
{
"name": "CVE-2020-27618",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27618"
},
{
"name": "CVE-2021-36222",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36222"
},
{
"name": "CVE-2021-35603",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35603"
},
{
"name": "CVE-2021-35560",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35560"
},
{
"name": "CVE-2021-35586",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35586"
},
{
"name": "CVE-2021-35559",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35559"
},
{
"name": "CVE-2021-35567",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35567"
},
{
"name": "CVE-2021-35578",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35578"
},
{
"name": "CVE-2021-35550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35550"
},
{
"name": "CVE-2021-35561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35561"
},
{
"name": "CVE-2021-35565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35565"
},
{
"name": "CVE-2021-35588",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35588"
},
{
"name": "CVE-2021-35564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35564"
},
{
"name": "CVE-2021-35556",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35556"
},
{
"name": "CVE-2021-43527",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43527"
},
{
"name": "CVE-2021-44717",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44717"
},
{
"name": "CVE-2021-36221",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36221"
},
{
"name": "CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"name": "CVE-2021-34558",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34558"
},
{
"name": "CVE-2021-36976",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36976"
},
{
"name": "CVE-2022-21349",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21349"
},
{
"name": "CVE-2022-21291",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21291"
},
{
"name": "CVE-2022-21340",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21340"
},
{
"name": "CVE-2022-21282",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21282"
},
{
"name": "CVE-2022-21271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21271"
},
{
"name": "CVE-2022-21341",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21341"
},
{
"name": "CVE-2022-21365",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21365"
},
{
"name": "CVE-2022-21305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21305"
},
{
"name": "CVE-2022-21366",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21366"
},
{
"name": "CVE-2022-21360",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21360"
},
{
"name": "CVE-2022-21296",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21296"
},
{
"name": "CVE-2022-21293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21293"
},
{
"name": "CVE-2022-21248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21248"
},
{
"name": "CVE-2022-21299",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21299"
},
{
"name": "CVE-2022-21294",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21294"
},
{
"name": "CVE-2022-21283",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21283"
},
{
"name": "CVE-2021-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3737"
},
{
"name": "CVE-2021-44716",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
},
{
"name": "CVE-2021-3733",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3733"
},
{
"name": "CVE-2021-41772",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41772"
},
{
"name": "CVE-2021-41771",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41771"
},
{
"name": "CVE-2022-37967",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37967"
},
{
"name": "CVE-2022-45061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45061"
},
{
"name": "CVE-2022-40674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40674"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2022-37434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
},
{
"name": "CVE-2022-2309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2309"
},
{
"name": "CVE-2022-43680",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43680"
},
{
"name": "CVE-2022-29824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
},
{
"name": "CVE-2022-23308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23308"
},
{
"name": "CVE-2022-35737",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
},
{
"name": "CVE-2022-40303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
},
{
"name": "CVE-2022-40304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
},
{
"name": "CVE-2022-21476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21476"
},
{
"name": "CVE-2022-42898",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42898"
},
{
"name": "CVE-2022-30633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
},
{
"name": "CVE-2022-1705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
},
{
"name": "CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"name": "CVE-2022-28131",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
},
{
"name": "CVE-2022-32148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
},
{
"name": "CVE-2022-32189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
},
{
"name": "CVE-2022-1962",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
},
{
"name": "CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"name": "CVE-2022-30631",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
},
{
"name": "CVE-2022-30632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
},
{
"name": "CVE-2022-30630",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
},
{
"name": "CVE-2022-0696",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0696"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2022-0714",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0714"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2022-34903",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34903"
},
{
"name": "CVE-2022-3515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3515"
},
{
"name": "CVE-2022-32205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
},
{
"name": "CVE-2022-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
},
{
"name": "CVE-2018-25032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2022-22942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
},
{
"name": "CVE-2022-23773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23773"
},
{
"name": "CVE-2022-0391",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0391"
},
{
"name": "CVE-2022-23772",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23772"
},
{
"name": "CVE-2022-23806",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23806"
},
{
"name": "CVE-2022-0158",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0158"
},
{
"name": "CVE-2022-0156",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0156"
},
{
"name": "CVE-2018-11813",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11813"
},
{
"name": "CVE-2018-1000075",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000075"
},
{
"name": "CVE-2018-18384",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18384"
},
{
"name": "CVE-2019-8325",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8325"
},
{
"name": "CVE-2019-8322",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8322"
},
{
"name": "CVE-2018-1000073",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000073"
},
{
"name": "CVE-2018-1000079",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000079"
},
{
"name": "CVE-2019-8324",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8324"
},
{
"name": "CVE-2018-1000076",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000076"
},
{
"name": "CVE-2018-1000074",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000074"
},
{
"name": "CVE-2018-1000078",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000078"
},
{
"name": "CVE-2018-1000077",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000077"
},
{
"name": "CVE-2019-1010238",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1010238"
},
{
"name": "CVE-2019-8323",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8323"
},
{
"name": "CVE-2022-0351",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0351"
},
{
"name": "CVE-2022-0319",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0319"
},
{
"name": "CVE-2022-21434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21434"
},
{
"name": "CVE-2022-21443",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21443"
},
{
"name": "CVE-2022-21496",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21496"
},
{
"name": "CVE-2022-21426",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21426"
},
{
"name": "CVE-2021-20266",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20266"
},
{
"name": "CVE-2022-24921",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24921"
},
{
"name": "CVE-2022-1434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2022-1343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2022-0530",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0530"
},
{
"name": "CVE-2021-3521",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3521"
},
{
"name": "CVE-2021-39293",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39293"
},
{
"name": "CVE-2022-27774",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
},
{
"name": "CVE-2022-27775",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
},
{
"name": "CVE-2022-22576",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
},
{
"name": "CVE-2022-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2022-24407",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24407"
},
{
"name": "CVE-2017-7500",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7500"
},
{
"name": "CVE-2021-33574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33574"
},
{
"name": "CVE-2017-11164",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11164"
},
{
"name": "CVE-2021-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37750"
},
{
"name": "CVE-2022-21541",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21541"
},
{
"name": "CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"name": "CVE-2022-21540",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21540"
},
{
"name": "CVE-2022-24070",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24070"
},
{
"name": "CVE-2021-28544",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28544"
},
{
"name": "CVE-2021-31566",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31566"
},
{
"name": "CVE-2021-23177",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23177"
},
{
"name": "CVE-2021-3999",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3999"
},
{
"name": "CVE-2022-23218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23218"
},
{
"name": "CVE-2022-23219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23219"
},
{
"name": "CVE-2022-28327",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
},
{
"name": "CVE-2022-24675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2022-38476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38476"
},
{
"name": "CVE-2022-26488",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26488"
},
{
"name": "CVE-2022-32208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
},
{
"name": "CVE-2022-27781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
},
{
"name": "CVE-2022-32207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2021-4189",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4189"
},
{
"name": "CVE-2012-5783",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5783"
},
{
"name": "CVE-2022-1587",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1587"
},
{
"name": "CVE-2022-21626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21626"
},
{
"name": "CVE-2022-21619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21619"
},
{
"name": "CVE-2022-21628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21628"
},
{
"name": "CVE-2022-21624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21624"
},
{
"name": "CVE-2022-1725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1725"
},
{
"name": "CVE-2022-29458",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29458"
},
{
"name": "CVE-2022-28739",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28739"
},
{
"name": "CVE-2022-1897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1897"
},
{
"name": "CVE-2022-1420",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1420"
},
{
"name": "CVE-2021-39537",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39537"
},
{
"name": "CVE-2022-1674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1674"
},
{
"name": "CVE-2022-1622",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1622"
},
{
"name": "CVE-2022-37454",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37454"
},
{
"name": "CVE-2023-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21830"
},
{
"name": "CVE-2023-21843",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
},
{
"name": "CVE-2020-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10735"
},
{
"name": "CVE-2022-32221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
},
{
"name": "CVE-2022-42916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
},
{
"name": "CVE-2022-35252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
},
{
"name": "CVE-2022-42915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
},
{
"name": "CVE-2022-43551",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
},
{
"name": "CVE-2022-43552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
},
{
"name": "CVE-2022-40897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2023-0767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0767"
},
{
"name": "CVE-2015-20107",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-20107"
},
{
"name": "CVE-2022-1586",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1586"
},
{
"name": "CVE-2022-25147",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25147"
},
{
"name": "CVE-2022-45873",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45873"
},
{
"name": "CVE-2022-4415",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4415"
},
{
"name": "CVE-2022-3821",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3821"
},
{
"name": "CVE-2023-23915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
},
{
"name": "CVE-2023-23914",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
},
{
"name": "CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
},
{
"name": "CVE-2022-1304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1304"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2023-23931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23931"
},
{
"name": "CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"name": "CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"name": "CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"name": "CVE-2022-41716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41716"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2023-0614",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0614"
},
{
"name": "CVE-2022-32743",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32743"
},
{
"name": "CVE-2023-0922",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0922"
},
{
"name": "CVE-2022-30629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
},
{
"name": "CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"name": "CVE-2022-41722",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41722"
},
{
"name": "CVE-2022-30580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
},
{
"name": "CVE-2022-41720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41720"
},
{
"name": "CVE-2022-41725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
},
{
"name": "CVE-2022-41724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
},
{
"name": "CVE-2021-46828",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46828"
},
{
"name": "CVE-2021-33621",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33621"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2023-24532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24532"
},
{
"name": "CVE-2023-24537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24537"
},
{
"name": "CVE-2023-29469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29469"
},
{
"name": "CVE-2023-28484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28484"
},
{
"name": "CVE-2023-20873",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20873"
},
{
"name": "CVE-2023-20883",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20883"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2023-27535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
},
{
"name": "CVE-2022-25858",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25858"
},
{
"name": "CVE-2022-30634",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30634"
},
{
"name": "CVE-2022-36227",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36227"
},
{
"name": "CVE-2023-27533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
},
{
"name": "CVE-2023-27538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
},
{
"name": "CVE-2023-27534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
},
{
"name": "CVE-2023-27536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
},
{
"name": "CVE-2022-27780",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27780"
},
{
"name": "CVE-2022-29804",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29804"
},
{
"name": "CVE-2023-27537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27537"
},
{
"name": "CVE-2020-1752",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1752"
},
{
"name": "CVE-2021-35942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35942"
},
{
"name": "CVE-2021-38604",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38604"
},
{
"name": "CVE-2020-29562",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29562"
},
{
"name": "CVE-2021-27645",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27645"
},
{
"name": "CVE-2023-24536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24536"
},
{
"name": "CVE-2023-24538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2016-3189",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3189"
},
{
"name": "CVE-2021-45346",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45346"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2022-46908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46908"
},
{
"name": "CVE-2023-28320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
},
{
"name": "CVE-2023-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
},
{
"name": "CVE-2023-24540",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24540"
},
{
"name": "CVE-2023-29400",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
},
{
"name": "CVE-2023-24539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24539"
},
{
"name": "CVE-2021-28861",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28861"
},
{
"name": "CVE-2023-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
},
{
"name": "CVE-2023-22049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22049"
},
{
"name": "CVE-2023-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25193"
},
{
"name": "CVE-2023-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22045"
},
{
"name": "CVE-2022-4899",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4899"
},
{
"name": "CVE-2023-0361",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0361"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2023-28319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28319"
},
{
"name": "CVE-2023-34967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34967"
},
{
"name": "CVE-2023-34968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34968"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2023-29404",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29404"
},
{
"name": "CVE-2023-29402",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29402"
},
{
"name": "CVE-2023-29403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29403"
},
{
"name": "CVE-2023-29405",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29405"
},
{
"name": "CVE-2023-2283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2283"
},
{
"name": "CVE-2023-1667",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1667"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2021-38297",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38297"
},
{
"name": "CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"name": "CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"name": "CVE-2023-40403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40403"
},
{
"name": "CVE-2023-4911",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4911"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2023-4091",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4091"
},
{
"name": "CVE-2023-42670",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42670"
},
{
"name": "CVE-2023-4154",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4154"
},
{
"name": "CVE-2023-42669",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42669"
},
{
"name": "CVE-2016-1000027",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
},
{
"name": "CVE-2023-35116",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35116"
},
{
"name": "CVE-2023-38039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38039"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2023-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22025"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2023-38545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2023-30774",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30774"
},
{
"name": "CVE-2023-45853",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2022-1615",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1615"
},
{
"name": "CVE-2020-22218",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22218"
},
{
"name": "CVE-2023-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2603"
},
{
"name": "CVE-2023-2602",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2602"
},
{
"name": "CVE-2023-4527",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4527"
},
{
"name": "CVE-2023-4813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
},
{
"name": "CVE-2023-4806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
},
{
"name": "CVE-2022-48303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48303"
},
{
"name": "CVE-2021-3426",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3426"
},
{
"name": "CVE-2023-34055",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34055"
},
{
"name": "CVE-2022-41409",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41409"
},
{
"name": "CVE-2022-0563",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0563"
},
{
"name": "CVE-2023-32643",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32643"
},
{
"name": "CVE-2023-4039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
},
{
"name": "CVE-2022-2509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2509"
},
{
"name": "CVE-2022-3715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3715"
},
{
"name": "CVE-2023-0687",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0687"
},
{
"name": "CVE-2023-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
},
{
"name": "CVE-2022-48522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48522"
},
{
"name": "CVE-2023-29491",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29491"
},
{
"name": "CVE-2023-35945",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35945"
},
{
"name": "CVE-2023-32665",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32665"
},
{
"name": "CVE-2023-39615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
},
{
"name": "CVE-2021-37600",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37600"
},
{
"name": "CVE-2021-46848",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
},
{
"name": "CVE-2021-3997",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3997"
},
{
"name": "CVE-2021-33294",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33294"
},
{
"name": "CVE-2021-43618",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
},
{
"name": "CVE-2023-45322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45322"
},
{
"name": "CVE-2023-29499",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29499"
},
{
"name": "CVE-2022-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28321"
},
{
"name": "CVE-2021-32292",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32292"
},
{
"name": "CVE-2023-4016",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4016"
},
{
"name": "CVE-2013-4235",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4235"
},
{
"name": "CVE-2023-34969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34969"
},
{
"name": "CVE-2023-32611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32611"
},
{
"name": "CVE-2023-29383",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
},
{
"name": "CVE-2023-5981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5981"
},
{
"name": "CVE-2023-32636",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32636"
},
{
"name": "CVE-2023-51385",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51385"
},
{
"name": "CVE-2023-51384",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51384"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2024-20696",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20696"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
},
{
"name": "CVE-2024-20919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2023-39323",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39323"
},
{
"name": "CVE-2024-0743",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0743"
},
{
"name": "CVE-2024-0746",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0746"
},
{
"name": "CVE-2023-31484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31484"
},
{
"name": "CVE-2021-4048",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4048"
},
{
"name": "CVE-2023-36054",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36054"
},
{
"name": "CVE-2023-28487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28487"
},
{
"name": "CVE-2023-30086",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30086"
},
{
"name": "CVE-2023-26965",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26965"
},
{
"name": "CVE-2022-42919",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42919"
},
{
"name": "CVE-2023-3316",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3316"
},
{
"name": "CVE-2023-28486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28486"
},
{
"name": "CVE-2022-28738",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28738"
},
{
"name": "CVE-2023-50868",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50868"
},
{
"name": "CVE-2023-2804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2804"
},
{
"name": "CVE-2023-7104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
},
{
"name": "CVE-2023-24534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24534"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2023-46219",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46219"
},
{
"name": "CVE-2023-39318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
},
{
"name": "CVE-2023-39319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2024-25126",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25126"
},
{
"name": "CVE-2024-26141",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26141"
},
{
"name": "CVE-2024-26146",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26146"
},
{
"name": "CVE-2023-47038",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47038"
},
{
"name": "CVE-2022-48554",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48554"
},
{
"name": "CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"name": "CVE-2024-24762",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24762"
},
{
"name": "CVE-2023-52593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52593"
},
{
"name": "CVE-2023-5388",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5388"
},
{
"name": "CVE-2022-2127",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2127"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2023-6481",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6481"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2024-28085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2024-26256",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26256"
},
{
"name": "CVE-2020-22916",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22916"
},
{
"name": "CVE-2016-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2781"
},
{
"name": "CVE-2023-3978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3978"
},
{
"name": "CVE-2023-49083",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49083"
},
{
"name": "CVE-2017-7501",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7501"
},
{
"name": "CVE-2021-35939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35939"
},
{
"name": "CVE-2024-0553",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0553"
},
{
"name": "CVE-2021-35938",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35938"
},
{
"name": "CVE-2023-50782",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50782"
},
{
"name": "CVE-2021-35937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35937"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2023-52426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52426"
},
{
"name": "CVE-2024-21011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
},
{
"name": "CVE-2024-21094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
},
{
"name": "CVE-2024-21068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21068"
},
{
"name": "CVE-2024-21085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
},
{
"name": "CVE-2024-26775",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26775"
},
{
"name": "CVE-2024-26726",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26726"
},
{
"name": "CVE-2024-26700",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26700"
},
{
"name": "CVE-2023-39326",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
},
{
"name": "CVE-2023-45283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45283"
},
{
"name": "CVE-2023-45285",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45285"
},
{
"name": "CVE-2023-45284",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45284"
},
{
"name": "CVE-2007-4559",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4559"
},
{
"name": "CVE-2023-52425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
},
{
"name": "CVE-2023-47282",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47282"
},
{
"name": "CVE-2023-47169",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47169"
},
{
"name": "CVE-2023-48368",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48368"
},
{
"name": "CVE-2023-22656",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22656"
},
{
"name": "CVE-2024-28182",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28182"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2023-6378",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6378"
},
{
"name": "CVE-2023-31486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31486"
},
{
"name": "CVE-2022-48703",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48703"
},
{
"name": "CVE-2024-26896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26896"
},
{
"name": "CVE-2018-14628",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14628"
},
{
"name": "CVE-2023-38037",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38037"
},
{
"name": "CVE-2023-45289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
},
{
"name": "CVE-2023-45290",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
},
{
"name": "CVE-2024-24783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
},
{
"name": "CVE-2024-24784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24784"
},
{
"name": "CVE-2024-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24785"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2025-38727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38727"
},
{
"name": "CVE-2025-38237",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38237"
},
{
"name": "CVE-2025-38514",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38514"
},
{
"name": "CVE-2025-38542",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38542"
},
{
"name": "CVE-2025-38569",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38569"
},
{
"name": "CVE-2023-51074",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
},
{
"name": "CVE-2025-9231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9231"
},
{
"name": "CVE-2025-41244",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41244"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2025-9232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
},
{
"name": "CVE-2025-61984",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61984"
},
{
"name": "CVE-2025-8291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
},
{
"name": "CVE-2025-55248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55248"
},
{
"name": "CVE-2024-28757",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28757"
},
{
"name": "CVE-2025-58754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58754"
},
{
"name": "CVE-2025-55315",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55315"
},
{
"name": "CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2025-9640",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9640"
},
{
"name": "CVE-2021-36770",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36770"
},
{
"name": "CVE-2023-5752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5752"
},
{
"name": "CVE-2024-2004",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2004"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2024-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
},
{
"name": "CVE-2024-4030",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4030"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2024-5642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5642"
},
{
"name": "CVE-2024-34750",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34750"
},
{
"name": "CVE-2024-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
},
{
"name": "CVE-2025-41254",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41254"
},
{
"name": "CVE-2023-6004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6004"
},
{
"name": "CVE-2023-6918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6918"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2024-25062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25062"
},
{
"name": "CVE-2024-26458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26458"
},
{
"name": "CVE-2024-26461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26461"
},
{
"name": "CVE-2024-28834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28834"
},
{
"name": "CVE-2024-2961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2961"
},
{
"name": "CVE-2024-33599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33599"
},
{
"name": "CVE-2024-33600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33600"
},
{
"name": "CVE-2024-33601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33601"
},
{
"name": "CVE-2024-33602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33602"
},
{
"name": "CVE-2022-1771",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1771"
},
{
"name": "CVE-2023-46246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46246"
},
{
"name": "CVE-2023-48231",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48231"
},
{
"name": "CVE-2023-48232",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48232"
},
{
"name": "CVE-2023-48233",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48233"
},
{
"name": "CVE-2023-48234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48234"
},
{
"name": "CVE-2023-48235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48235"
},
{
"name": "CVE-2023-48236",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48236"
},
{
"name": "CVE-2023-48237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48237"
},
{
"name": "CVE-2023-48706",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48706"
},
{
"name": "CVE-2023-4641",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4641"
},
{
"name": "CVE-2023-50495",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50495"
},
{
"name": "CVE-2023-5341",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5341"
},
{
"name": "CVE-2024-0567",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0567"
},
{
"name": "CVE-2024-22365",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22365"
},
{
"name": "CVE-2023-46045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46045"
},
{
"name": "CVE-2024-21131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21131"
},
{
"name": "CVE-2024-21138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21138"
},
{
"name": "CVE-2024-21140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21140"
},
{
"name": "CVE-2024-21144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21144"
},
{
"name": "CVE-2024-21145",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21145"
},
{
"name": "CVE-2024-21147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21147"
},
{
"name": "CVE-2018-13440",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13440"
},
{
"name": "CVE-2019-13147",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13147"
},
{
"name": "CVE-2022-24599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24599"
},
{
"name": "CVE-2024-28835",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28835"
},
{
"name": "CVE-2021-35452",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35452"
},
{
"name": "CVE-2021-36408",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36408"
},
{
"name": "CVE-2021-36410",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36410"
},
{
"name": "CVE-2021-36411",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36411"
},
{
"name": "CVE-2022-43235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43235"
},
{
"name": "CVE-2022-43236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43236"
},
{
"name": "CVE-2022-43237",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43237"
},
{
"name": "CVE-2022-43238",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43238"
},
{
"name": "CVE-2022-43239",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43239"
},
{
"name": "CVE-2022-43240",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43240"
},
{
"name": "CVE-2022-43241",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43241"
},
{
"name": "CVE-2022-43242",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43242"
},
{
"name": "CVE-2022-43243",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43243"
},
{
"name": "CVE-2022-43244",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43244"
},
{
"name": "CVE-2022-43245",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43245"
},
{
"name": "CVE-2022-43248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43248"
},
{
"name": "CVE-2022-43249",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43249"
},
{
"name": "CVE-2022-43250",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43250"
},
{
"name": "CVE-2022-43252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43252"
},
{
"name": "CVE-2022-43253",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43253"
},
{
"name": "CVE-2023-24751",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24751"
},
{
"name": "CVE-2023-24752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24752"
},
{
"name": "CVE-2023-24754",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24754"
},
{
"name": "CVE-2023-24755",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24755"
},
{
"name": "CVE-2023-24756",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24756"
},
{
"name": "CVE-2023-24757",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24757"
},
{
"name": "CVE-2023-24758",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24758"
},
{
"name": "CVE-2023-6228",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6228"
},
{
"name": "CVE-2023-6277",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6277"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2024-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3219"
},
{
"name": "CVE-2023-45287",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45287"
},
{
"name": "CVE-2023-51767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51767"
},
{
"name": "CVE-2024-24787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24787"
},
{
"name": "CVE-2024-24788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24788"
},
{
"name": "CVE-2025-55551",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55551"
},
{
"name": "CVE-2025-55552",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55552"
},
{
"name": "CVE-2025-55554",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55554"
},
{
"name": "CVE-2025-61985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61985"
},
{
"name": "CVE-2025-40778",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40778"
},
{
"name": "CVE-2025-40780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40780"
},
{
"name": "CVE-2025-8677",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8677"
},
{
"name": "CVE-2025-55754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55754"
},
{
"name": "CVE-2025-55752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55752"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2024-38808",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38808"
},
{
"name": "CVE-2024-38809",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38809"
},
{
"name": "CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"name": "CVE-2025-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
},
{
"name": "CVE-2025-47910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47910"
},
{
"name": "CVE-2025-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8176"
},
{
"name": "CVE-2025-9900",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9900"
},
{
"name": "CVE-2025-40025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40025"
},
{
"name": "CVE-2025-40026",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40026"
},
{
"name": "CVE-2025-40027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40027"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2025-61748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61748"
},
{
"name": "CVE-2023-52969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52969"
},
{
"name": "CVE-2023-52970",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52970"
},
{
"name": "CVE-2024-21510",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21510"
},
{
"name": "CVE-2024-58266",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58266"
},
{
"name": "CVE-2025-46551",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46551"
},
{
"name": "CVE-2025-58767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58767"
},
{
"name": "CVE-2025-59830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59830"
},
{
"name": "CVE-2025-61770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61770"
},
{
"name": "CVE-2025-61771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61771"
},
{
"name": "CVE-2025-61772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61772"
},
{
"name": "CVE-2025-61780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61780"
},
{
"name": "CVE-2025-61919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61919"
},
{
"name": "CVE-2025-61921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61921"
},
{
"name": "CVE-2025-11411",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11411"
},
{
"name": "CVE-2025-62813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62813"
},
{
"name": "CVE-2025-53040",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53040"
},
{
"name": "CVE-2025-53042",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53042"
},
{
"name": "CVE-2025-53044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53044"
},
{
"name": "CVE-2025-53045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53045"
},
{
"name": "CVE-2025-53053",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53053"
},
{
"name": "CVE-2025-53054",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53054"
},
{
"name": "CVE-2025-53062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53062"
},
{
"name": "CVE-2025-53069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53069"
},
{
"name": "CVE-2025-5351",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5351"
},
{
"name": "CVE-2025-5987",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5987"
},
{
"name": "CVE-2025-61795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61795"
},
{
"name": "CVE-2025-12380",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12380"
},
{
"name": "CVE-2025-11226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11226"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2025-54388",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54388"
},
{
"name": "CVE-2023-3164",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3164"
},
{
"name": "CVE-2024-1013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1013"
},
{
"name": "CVE-2024-34397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34397"
},
{
"name": "CVE-2024-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38428"
},
{
"name": "CVE-2024-38807",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38807"
},
{
"name": "CVE-2023-7008",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7008"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2018-3779",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3779"
},
{
"name": "CVE-2019-8321",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8321"
},
{
"name": "CVE-2020-15095",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15095"
},
{
"name": "CVE-2021-43809",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43809"
},
{
"name": "CVE-2023-22796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22796"
},
{
"name": "CVE-2023-28120",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28120"
},
{
"name": "CVE-2001-1268",
"url": "https://www.cve.org/CVERecord?id=CVE-2001-1268"
},
{
"name": "CVE-2001-1269",
"url": "https://www.cve.org/CVERecord?id=CVE-2001-1269"
},
{
"name": "CVE-2005-0602",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-0602"
},
{
"name": "CVE-2011-2207",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2207"
},
{
"name": "CVE-2014-9157",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9157"
},
{
"name": "CVE-2014-9636",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9636"
},
{
"name": "CVE-2014-9748",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9748"
},
{
"name": "CVE-2014-9913",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9913"
},
{
"name": "CVE-2015-1606",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1606"
},
{
"name": "CVE-2015-7696",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7696"
},
{
"name": "CVE-2015-7697",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7697"
},
{
"name": "CVE-2015-7747",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7747"
},
{
"name": "CVE-2015-8863",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8863"
},
{
"name": "CVE-2016-10062",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10062"
},
{
"name": "CVE-2016-20012",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-20012"
},
{
"name": "CVE-2016-5118",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5118"
},
{
"name": "CVE-2016-5841",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5841"
},
{
"name": "CVE-2016-7514",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7514"
},
{
"name": "CVE-2016-7531",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7531"
},
{
"name": "CVE-2016-9844",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9844"
},
{
"name": "CVE-2017-1000476",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000476"
},
{
"name": "CVE-2017-10928",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10928"
},
{
"name": "CVE-2017-11447",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11447"
},
{
"name": "CVE-2017-12429",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12429"
},
{
"name": "CVE-2017-12433",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12433"
},
{
"name": "CVE-2017-12643",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12643"
},
{
"name": "CVE-2017-12674",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12674"
},
{
"name": "CVE-2017-16231",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16231"
},
{
"name": "CVE-2017-18250",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18250"
},
{
"name": "CVE-2017-18253",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18253"
},
{
"name": "CVE-2017-6829",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6829"
},
{
"name": "CVE-2017-6830",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6830"
},
{
"name": "CVE-2017-6831",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6831"
},
{
"name": "CVE-2017-6832",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6832"
},
{
"name": "CVE-2017-6833",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6833"
},
{
"name": "CVE-2017-6834",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6834"
},
{
"name": "CVE-2017-6835",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6835"
},
{
"name": "CVE-2017-6836",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6836"
},
{
"name": "CVE-2017-6837",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6837"
},
{
"name": "CVE-2017-6838",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6838"
},
{
"name": "CVE-2017-6839",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6839"
},
{
"name": "CVE-2017-7619",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7619"
},
{
"name": "CVE-2017-9409",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9409"
},
{
"name": "CVE-2018-1000035",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000035"
},
{
"name": "CVE-2018-10804",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10804"
},
{
"name": "CVE-2018-10805",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10805"
},
{
"name": "CVE-2018-11655",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11655"
},
{
"name": "CVE-2018-11656",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11656"
},
{
"name": "CVE-2018-12599",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12599"
},
{
"name": "CVE-2018-12600",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12600"
},
{
"name": "CVE-2018-13153",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13153"
},
{
"name": "CVE-2018-13410",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13410"
},
{
"name": "CVE-2018-14434",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14434"
},
{
"name": "CVE-2018-14437",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14437"
},
{
"name": "CVE-2018-15120",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15120"
},
{
"name": "CVE-2018-15607",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15607"
},
{
"name": "CVE-2018-15798",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15798"
},
{
"name": "CVE-2018-16328",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16328"
},
{
"name": "CVE-2018-16329",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16329"
},
{
"name": "CVE-2018-16412",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16412"
},
{
"name": "CVE-2018-16645",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16645"
},
{
"name": "CVE-2018-19876",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19876"
},
{
"name": "CVE-2018-9133",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9133"
},
{
"name": "CVE-2018-9135",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9135"
},
{
"name": "CVE-2019-14844",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14844"
},
{
"name": "CVE-2019-17547",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17547"
},
{
"name": "CVE-2019-3792",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3792"
},
{
"name": "CVE-2019-6293",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6293"
},
{
"name": "CVE-2019-6461",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6461"
},
{
"name": "CVE-2019-6462",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6462"
},
{
"name": "CVE-2019-9904",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9904"
},
{
"name": "CVE-2020-0499",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0499"
},
{
"name": "CVE-2020-10251",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10251"
},
{
"name": "CVE-2020-14152",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14152"
},
{
"name": "CVE-2020-14153",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14153"
},
{
"name": "CVE-2020-18032",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18032"
},
{
"name": "CVE-2020-18781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18781"
},
{
"name": "CVE-2020-21599",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21599"
},
{
"name": "CVE-2020-21605",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21605"
},
{
"name": "CVE-2020-21606",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21606"
},
{
"name": "CVE-2020-25663",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25663"
},
{
"name": "CVE-2020-27768",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27768"
},
{
"name": "CVE-2020-27769",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27769"
},
{
"name": "CVE-2020-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27776"
},
{
"name": "CVE-2020-27829",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27829"
},
{
"name": "CVE-2020-29509",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29509"
},
{
"name": "CVE-2020-29511",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29511"
},
{
"name": "CVE-2020-35492",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35492"
},
{
"name": "CVE-2021-20176",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20176"
},
{
"name": "CVE-2016-4074",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4074"
},
{
"name": "CVE-2021-20241",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20241"
},
{
"name": "CVE-2021-20243",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20243"
},
{
"name": "CVE-2021-20244",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20244"
},
{
"name": "CVE-2021-20245",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20245"
},
{
"name": "CVE-2021-20246",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20246"
},
{
"name": "CVE-2021-20251",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20251"
},
{
"name": "CVE-2021-20309",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20309"
},
{
"name": "CVE-2021-20310",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20310"
},
{
"name": "CVE-2021-20311",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20311"
},
{
"name": "CVE-2021-20312",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20312"
},
{
"name": "CVE-2021-20313",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20313"
},
{
"name": "CVE-2021-23215",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23215"
},
{
"name": "CVE-2021-24031",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24031"
},
{
"name": "CVE-2021-24032",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24032"
},
{
"name": "CVE-2021-26260",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26260"
},
{
"name": "CVE-2021-26720",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26720"
},
{
"name": "CVE-2021-26945",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26945"
},
{
"name": "CVE-2021-31879",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31879"
},
{
"name": "CVE-2021-32490",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32490"
},
{
"name": "CVE-2021-32491",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32491"
},
{
"name": "CVE-2021-32492",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32492"
},
{
"name": "CVE-2021-32493",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32493"
},
{
"name": "CVE-2021-3468",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3468"
},
{
"name": "CVE-2021-3500",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3500"
},
{
"name": "CVE-2021-3502",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3502"
},
{
"name": "CVE-2021-3574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3574"
},
{
"name": "CVE-2021-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3596"
},
{
"name": "CVE-2021-3598",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3598"
},
{
"name": "CVE-2021-3605",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3605"
},
{
"name": "CVE-2021-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3610"
},
{
"name": "CVE-2021-3670",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3670"
},
{
"name": "CVE-2021-38115",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38115"
},
{
"name": "CVE-2021-39212",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39212"
},
{
"name": "CVE-2021-3933",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3933"
},
{
"name": "CVE-2021-3941",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3941"
},
{
"name": "CVE-2021-40211",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40211"
},
{
"name": "CVE-2021-40812",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40812"
},
{
"name": "CVE-2021-4214",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4214"
},
{
"name": "CVE-2021-4217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4217"
},
{
"name": "CVE-2021-4219",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4219"
},
{
"name": "CVE-2021-44964",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44964"
},
{
"name": "CVE-2021-45931",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45931"
},
{
"name": "CVE-2021-45942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45942"
},
{
"name": "CVE-2021-46310",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46310"
},
{
"name": "CVE-2021-46312",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46312"
},
{
"name": "CVE-2022-0284",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0284"
},
{
"name": "CVE-2022-0529",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0529"
},
{
"name": "CVE-2022-0865",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0865"
},
{
"name": "CVE-2022-0907",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0907"
},
{
"name": "CVE-2022-0909",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0909"
},
{
"name": "CVE-2022-0924",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0924"
},
{
"name": "CVE-2022-1056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1056"
},
{
"name": "CVE-2022-1114",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1114"
},
{
"name": "CVE-2022-1115",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1115"
},
{
"name": "CVE-2022-1210",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1210"
},
{
"name": "CVE-2022-1355",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1355"
},
{
"name": "CVE-2022-1623",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1623"
},
{
"name": "CVE-2022-2231",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2231"
},
{
"name": "CVE-2022-2519",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2519"
},
{
"name": "CVE-2022-2520",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2520"
},
{
"name": "CVE-2022-2521",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2521"
},
{
"name": "CVE-2022-25308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25308"
},
{
"name": "CVE-2022-25309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25309"
},
{
"name": "CVE-2022-25310",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25310"
},
{
"name": "CVE-2022-2598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2598"
},
{
"name": "CVE-2022-26280",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26280"
},
{
"name": "CVE-2022-2719",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2719"
},
{
"name": "CVE-2022-28463",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28463"
},
{
"name": "CVE-2022-28805",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28805"
},
{
"name": "CVE-2022-29217",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29217"
},
{
"name": "CVE-2022-2928",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2928"
},
{
"name": "CVE-2022-2929",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2929"
},
{
"name": "CVE-2022-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2953"
},
{
"name": "CVE-2022-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30698"
},
{
"name": "CVE-2022-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30699"
},
{
"name": "CVE-2022-31683",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31683"
},
{
"name": "CVE-2022-31782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31782"
},
{
"name": "CVE-2022-3213",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3213"
},
{
"name": "CVE-2022-32545",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32545"
},
{
"name": "CVE-2022-32546",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32546"
},
{
"name": "CVE-2022-32547",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32547"
},
{
"name": "CVE-2022-33068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33068"
},
{
"name": "CVE-2022-33099",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33099"
},
{
"name": "CVE-2022-36087",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36087"
},
{
"name": "CVE-2022-44267",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44267"
},
{
"name": "CVE-2022-48281",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48281"
},
{
"name": "CVE-2023-1289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1289"
},
{
"name": "CVE-2023-1355",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1355"
},
{
"name": "CVE-2023-1906",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1906"
},
{
"name": "CVE-2023-1981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1981"
},
{
"name": "CVE-2023-2157",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2157"
},
{
"name": "CVE-2023-2426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2426"
},
{
"name": "CVE-2023-26785",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26785"
},
{
"name": "CVE-2023-27102",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27102"
},
{
"name": "CVE-2023-30571",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30571"
},
{
"name": "CVE-2023-3195",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3195"
},
{
"name": "CVE-2023-34151",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34151"
},
{
"name": "CVE-2023-34152",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34152"
},
{
"name": "CVE-2023-34153",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34153"
},
{
"name": "CVE-2023-3428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3428"
},
{
"name": "CVE-2023-34474",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34474"
},
{
"name": "CVE-2023-34475",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34475"
},
{
"name": "CVE-2023-3618",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3618"
},
{
"name": "CVE-2023-38469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38469"
},
{
"name": "CVE-2023-38470",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38470"
},
{
"name": "CVE-2023-38471",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38471"
},
{
"name": "CVE-2023-38472",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38472"
},
{
"name": "CVE-2023-38473",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38473"
},
{
"name": "CVE-2023-38633",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38633"
},
{
"name": "CVE-2023-3896",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3896"
},
{
"name": "CVE-2023-39327",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39327"
},
{
"name": "CVE-2023-39593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39593"
},
{
"name": "CVE-2023-39978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39978"
},
{
"name": "CVE-2023-43887",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43887"
},
{
"name": "CVE-2023-45913",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45913"
},
{
"name": "CVE-2023-45919",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45919"
},
{
"name": "CVE-2023-45922",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45922"
},
{
"name": "CVE-2023-45931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45931"
},
{
"name": "CVE-2023-47471",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47471"
},
{
"name": "CVE-2023-5568",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5568"
},
{
"name": "CVE-2024-10524",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10524"
},
{
"name": "CVE-2024-13978",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13978"
},
{
"name": "CVE-2024-27766",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27766"
},
{
"name": "CVE-2024-37407",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37407"
},
{
"name": "CVE-2024-41817",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41817"
},
{
"name": "CVE-2024-43167",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43167"
},
{
"name": "CVE-2024-43168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43168"
},
{
"name": "CVE-2024-43790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43790"
},
{
"name": "CVE-2024-45720",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45720"
},
{
"name": "CVE-2024-46901",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46901"
},
{
"name": "CVE-2024-57970",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57970"
},
{
"name": "CVE-2025-0306",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0306"
},
{
"name": "CVE-2025-0838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0838"
},
{
"name": "CVE-2025-10911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10911"
},
{
"name": "CVE-2025-11731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11731"
},
{
"name": "CVE-2025-1632",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1632"
},
{
"name": "CVE-2025-2099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2099"
},
{
"name": "CVE-2025-2148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2148"
},
{
"name": "CVE-2025-2149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2149"
},
{
"name": "CVE-2025-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2953"
},
{
"name": "CVE-2025-2998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2998"
},
{
"name": "CVE-2025-2999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2999"
},
{
"name": "CVE-2025-3000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3000"
},
{
"name": "CVE-2025-3001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3001"
},
{
"name": "CVE-2025-3121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3121"
},
{
"name": "CVE-2025-3136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3136"
},
{
"name": "CVE-2025-31498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31498"
},
{
"name": "CVE-2025-3262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3262"
},
{
"name": "CVE-2025-3263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3263"
},
{
"name": "CVE-2025-3264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3264"
},
{
"name": "CVE-2025-3730",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3730"
},
{
"name": "CVE-2025-3777",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3777"
},
{
"name": "CVE-2025-3933",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3933"
},
{
"name": "CVE-2025-40002",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40002"
},
{
"name": "CVE-2025-40004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40004"
},
{
"name": "CVE-2025-40007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40007"
},
{
"name": "CVE-2025-40015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40015"
},
{
"name": "CVE-2025-40017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40017"
},
{
"name": "CVE-2025-4056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4056"
},
{
"name": "CVE-2025-4287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4287"
},
{
"name": "CVE-2025-43965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43965"
},
{
"name": "CVE-2025-46148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46148"
},
{
"name": "CVE-2025-46149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46149"
},
{
"name": "CVE-2025-46150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46150"
},
{
"name": "CVE-2025-46152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46152"
},
{
"name": "CVE-2025-46153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46153"
},
{
"name": "CVE-2025-46393",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46393"
},
{
"name": "CVE-2025-46569",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46569"
},
{
"name": "CVE-2025-47291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47291"
},
{
"name": "CVE-2025-50950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50950"
},
{
"name": "CVE-2025-5197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5197"
},
{
"name": "CVE-2025-52099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52099"
},
{
"name": "CVE-2025-53014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53014"
},
{
"name": "CVE-2025-53019",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53019"
},
{
"name": "CVE-2025-53101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53101"
},
{
"name": "CVE-2025-53367",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53367"
},
{
"name": "CVE-2025-53643",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53643"
},
{
"name": "CVE-2025-54801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54801"
},
{
"name": "CVE-2025-54874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54874"
},
{
"name": "CVE-2025-55004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55004"
},
{
"name": "CVE-2025-55005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55005"
},
{
"name": "CVE-2025-55154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55154"
},
{
"name": "CVE-2025-55160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55160"
},
{
"name": "CVE-2025-55197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55197"
},
{
"name": "CVE-2025-55212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55212"
},
{
"name": "CVE-2025-55298",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55298"
},
{
"name": "CVE-2025-55553",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55553"
},
{
"name": "CVE-2025-55557",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55557"
},
{
"name": "CVE-2025-55558",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55558"
},
{
"name": "CVE-2025-55560",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55560"
},
{
"name": "CVE-2025-5745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5745"
},
{
"name": "CVE-2025-57803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57803"
},
{
"name": "CVE-2025-57807",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57807"
},
{
"name": "CVE-2025-5878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5878"
},
{
"name": "CVE-2025-5918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5918"
},
{
"name": "CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"name": "CVE-2025-59842",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59842"
},
{
"name": "CVE-2025-6051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6051"
},
{
"name": "CVE-2025-6052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6052"
},
{
"name": "CVE-2025-6141",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6141"
},
{
"name": "CVE-2025-62171",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62171"
},
{
"name": "CVE-2025-6638",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6638"
},
{
"name": "CVE-2025-6921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6921"
},
{
"name": "CVE-2025-7039",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7039"
},
{
"name": "CVE-2025-7709",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7709"
},
{
"name": "CVE-2025-8114",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8114"
},
{
"name": "CVE-2025-8177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8177"
},
{
"name": "CVE-2025-8277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8277"
},
{
"name": "CVE-2025-8534",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8534"
},
{
"name": "CVE-2025-8556",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8556"
},
{
"name": "CVE-2025-8851",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8851"
},
{
"name": "CVE-2025-8961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8961"
},
{
"name": "CVE-2025-9092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9092"
},
{
"name": "CVE-2025-9165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9165"
},
{
"name": "CVE-2025-9340",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9340"
},
{
"name": "CVE-2025-9341",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9341"
},
{
"name": "CVE-2025-9390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9390"
},
{
"name": "CVE-2025-9403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9403"
},
{
"name": "CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"name": "CVE-2024-45491",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45491"
},
{
"name": "CVE-2024-45492",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45492"
},
{
"name": "CVE-2024-38816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
},
{
"name": "CVE-2024-44939",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44939"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2024-41957",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41957"
},
{
"name": "CVE-2024-34459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34459"
},
{
"name": "CVE-2024-8096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
},
{
"name": "CVE-2023-6246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6246"
},
{
"name": "CVE-2024-27280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27280"
},
{
"name": "CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2024-5569",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5569"
},
{
"name": "CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"name": "CVE-2019-16775",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16775"
},
{
"name": "CVE-2019-16776",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16776"
},
{
"name": "CVE-2019-16777",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16777"
},
{
"name": "CVE-2024-21208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21208"
},
{
"name": "CVE-2024-21210",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21210"
},
{
"name": "CVE-2024-21217",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
},
{
"name": "CVE-2024-21235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
},
{
"name": "CVE-2024-37370",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37370"
},
{
"name": "CVE-2024-37371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37371"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2024-38819",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38819"
},
{
"name": "CVE-2024-38820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
},
{
"name": "CVE-2023-6349",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6349"
},
{
"name": "CVE-2024-5197",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5197"
},
{
"name": "CVE-2024-35176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35176"
},
{
"name": "CVE-2024-39908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39908"
},
{
"name": "CVE-2024-41123",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41123"
},
{
"name": "CVE-2024-41946",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41946"
},
{
"name": "CVE-2024-43398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43398"
},
{
"name": "CVE-2024-34447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34447"
},
{
"name": "CVE-2024-45490",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45490"
},
{
"name": "CVE-2024-47874",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47874"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
},
{
"name": "CVE-2024-9681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2024-38828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38828"
},
{
"name": "CVE-2024-38829",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38829"
},
{
"name": "CVE-2024-52316",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52316"
},
{
"name": "CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"name": "CVE-2023-49582",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49582"
},
{
"name": "CVE-2024-11053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
},
{
"name": "CVE-2024-54534",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54534"
},
{
"name": "CVE-2024-10041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10041"
},
{
"name": "CVE-2024-10963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10963"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2024-50379",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50379"
},
{
"name": "CVE-2024-54677",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54677"
},
{
"name": "CVE-2024-27407",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27407"
},
{
"name": "CVE-2024-50157",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50157"
},
{
"name": "CVE-2017-9937",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9937"
},
{
"name": "CVE-2022-0561",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0561"
},
{
"name": "CVE-2022-0562",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0562"
},
{
"name": "CVE-2022-0908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0908"
},
{
"name": "CVE-2022-2056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2056"
},
{
"name": "CVE-2022-2057",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2057"
},
{
"name": "CVE-2022-2058",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2058"
},
{
"name": "CVE-2022-22844",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22844"
},
{
"name": "CVE-2022-2867",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2867"
},
{
"name": "CVE-2022-2868",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2868"
},
{
"name": "CVE-2022-2869",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2869"
},
{
"name": "CVE-2022-34526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34526"
},
{
"name": "CVE-2022-3570",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3570"
},
{
"name": "CVE-2022-3597",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3597"
},
{
"name": "CVE-2022-3598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3598"
},
{
"name": "CVE-2022-3599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3599"
},
{
"name": "CVE-2022-3626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3626"
},
{
"name": "CVE-2022-3627",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3627"
},
{
"name": "CVE-2022-40090",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40090"
},
{
"name": "CVE-2022-4645",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4645"
},
{
"name": "CVE-2023-0795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0795"
},
{
"name": "CVE-2023-0796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0796"
},
{
"name": "CVE-2023-0797",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0797"
},
{
"name": "CVE-2023-0798",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0798"
},
{
"name": "CVE-2023-0799",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0799"
},
{
"name": "CVE-2023-0800",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0800"
},
{
"name": "CVE-2023-0801",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0801"
},
{
"name": "CVE-2023-0802",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0802"
},
{
"name": "CVE-2023-0803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0803"
},
{
"name": "CVE-2023-0804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0804"
},
{
"name": "CVE-2023-1916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1916"
},
{
"name": "CVE-2023-2731",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2731"
},
{
"name": "CVE-2023-2908",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2908"
},
{
"name": "CVE-2023-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3576"
},
{
"name": "CVE-2023-40745",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40745"
},
{
"name": "CVE-2023-41175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41175"
},
{
"name": "CVE-2024-56337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56337"
},
{
"name": "CVE-2024-27281",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27281"
},
{
"name": "CVE-2024-12085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12085"
},
{
"name": "CVE-2024-12086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12086"
},
{
"name": "CVE-2024-12087",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12087"
},
{
"name": "CVE-2024-12088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12088"
},
{
"name": "CVE-2024-12747",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12747"
},
{
"name": "CVE-2025-21502",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21502"
},
{
"name": "CVE-2025-23083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23083"
},
{
"name": "CVE-2025-23084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23084"
},
{
"name": "CVE-2025-23085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23085"
},
{
"name": "CVE-2024-11187",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11187"
},
{
"name": "CVE-2024-12705",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12705"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-0167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
},
{
"name": "CVE-2025-0725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
},
{
"name": "CVE-2023-28154",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28154"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2025-21666",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21666"
},
{
"name": "CVE-2025-21669",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21669"
},
{
"name": "CVE-2025-21670",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21670"
},
{
"name": "CVE-2025-21674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21674"
},
{
"name": "CVE-2025-21675",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21675"
},
{
"name": "CVE-2025-21676",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21676"
},
{
"name": "CVE-2025-21678",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21678"
},
{
"name": "CVE-2025-21682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21682"
},
{
"name": "CVE-2024-53124",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53124"
},
{
"name": "CVE-2024-57948",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57948"
},
{
"name": "CVE-2025-21665",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21665"
},
{
"name": "CVE-2025-21667",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21667"
},
{
"name": "CVE-2025-21668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21668"
},
{
"name": "CVE-2025-21680",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21680"
},
{
"name": "CVE-2025-21681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21681"
},
{
"name": "CVE-2025-21683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21683"
},
{
"name": "CVE-2024-12797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2025-1094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1094"
},
{
"name": "CVE-2025-26465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26465"
},
{
"name": "CVE-2025-21673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21673"
},
{
"name": "CVE-2024-49887",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49887"
},
{
"name": "CVE-2024-8508",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8508"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2025-21684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21684"
},
{
"name": "CVE-2025-21689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21689"
},
{
"name": "CVE-2025-21690",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21690"
},
{
"name": "CVE-2025-21692",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21692"
},
{
"name": "CVE-2025-21697",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21697"
},
{
"name": "CVE-2025-21699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21699"
},
{
"name": "CVE-2024-57949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57949"
},
{
"name": "CVE-2024-57951",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57951"
},
{
"name": "CVE-2025-21694",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21694"
},
{
"name": "CVE-2025-24813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24813"
},
{
"name": "CVE-2024-57979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57979"
},
{
"name": "CVE-2024-57994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57994"
},
{
"name": "CVE-2025-21705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21705"
},
{
"name": "CVE-2025-21715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21715"
},
{
"name": "CVE-2025-21716",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21716"
},
{
"name": "CVE-2025-21719",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21719"
},
{
"name": "CVE-2025-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21724"
},
{
"name": "CVE-2025-21725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21725"
},
{
"name": "CVE-2025-21728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21728"
},
{
"name": "CVE-2025-21733",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21733"
},
{
"name": "CVE-2025-21753",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21753"
},
{
"name": "CVE-2025-21754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21754"
},
{
"name": "CVE-2025-21767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21767"
},
{
"name": "CVE-2025-21790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21790"
},
{
"name": "CVE-2025-21795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21795"
},
{
"name": "CVE-2025-21799",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21799"
},
{
"name": "CVE-2025-21802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21802"
},
{
"name": "CVE-2022-49043",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49043"
},
{
"name": "CVE-2025-24970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
},
{
"name": "CVE-2025-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
},
{
"name": "CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"name": "CVE-2025-22228",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22228"
},
{
"name": "CVE-2023-24531",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24531"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2024-57996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57996"
},
{
"name": "CVE-2024-58014",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58014"
},
{
"name": "CVE-2025-21718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21718"
},
{
"name": "CVE-2025-21772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21772"
},
{
"name": "CVE-2025-21780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21780"
},
{
"name": "CVE-2025-21785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21785"
},
{
"name": "CVE-2024-57883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57883"
},
{
"name": "CVE-2024-57924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57924"
},
{
"name": "CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"name": "CVE-2025-27113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27113"
},
{
"name": "CVE-2024-54458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54458"
},
{
"name": "CVE-2024-57834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57834"
},
{
"name": "CVE-2024-57973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57973"
},
{
"name": "CVE-2024-57980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57980"
},
{
"name": "CVE-2024-57981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57981"
},
{
"name": "CVE-2024-57986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57986"
},
{
"name": "CVE-2024-57993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57993"
},
{
"name": "CVE-2024-57997",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57997"
},
{
"name": "CVE-2024-57998",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57998"
},
{
"name": "CVE-2024-58001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58001"
},
{
"name": "CVE-2024-58007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58007"
},
{
"name": "CVE-2024-58010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58010"
},
{
"name": "CVE-2024-58011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58011"
},
{
"name": "CVE-2024-58013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58013"
},
{
"name": "CVE-2024-58016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58016"
},
{
"name": "CVE-2024-58017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58017"
},
{
"name": "CVE-2024-58020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58020"
},
{
"name": "CVE-2024-58034",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58034"
},
{
"name": "CVE-2024-58051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58051"
},
{
"name": "CVE-2024-58052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58052"
},
{
"name": "CVE-2024-58054",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58054"
},
{
"name": "CVE-2024-58055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58055"
},
{
"name": "CVE-2024-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58056"
},
{
"name": "CVE-2024-58058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58058"
},
{
"name": "CVE-2024-58061",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58061"
},
{
"name": "CVE-2024-58063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58063"
},
{
"name": "CVE-2024-58068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58068"
},
{
"name": "CVE-2024-58069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58069"
},
{
"name": "CVE-2024-58071",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58071"
},
{
"name": "CVE-2024-58072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58072"
},
{
"name": "CVE-2024-58076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58076"
},
{
"name": "CVE-2024-58077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58077"
},
{
"name": "CVE-2024-58080",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58080"
},
{
"name": "CVE-2024-58083",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58083"
},
{
"name": "CVE-2024-58085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58085"
},
{
"name": "CVE-2024-58086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58086"
},
{
"name": "CVE-2025-21704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21704"
},
{
"name": "CVE-2025-21706",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21706"
},
{
"name": "CVE-2025-21707",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21707"
},
{
"name": "CVE-2025-21708",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21708"
},
{
"name": "CVE-2025-21711",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21711"
},
{
"name": "CVE-2025-21722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21722"
},
{
"name": "CVE-2025-21726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21726"
},
{
"name": "CVE-2025-21727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21727"
},
{
"name": "CVE-2025-21731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21731"
},
{
"name": "CVE-2025-21734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21734"
},
{
"name": "CVE-2025-21735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21735"
},
{
"name": "CVE-2025-21736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21736"
},
{
"name": "CVE-2025-21738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21738"
},
{
"name": "CVE-2025-21744",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21744"
},
{
"name": "CVE-2025-21745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21745"
},
{
"name": "CVE-2025-21748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21748"
},
{
"name": "CVE-2025-21749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21749"
},
{
"name": "CVE-2025-21750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21750"
},
{
"name": "CVE-2025-21758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21758"
},
{
"name": "CVE-2025-21760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21760"
},
{
"name": "CVE-2025-21761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21761"
},
{
"name": "CVE-2025-21762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21762"
},
{
"name": "CVE-2025-21763",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21763"
},
{
"name": "CVE-2025-21764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21764"
},
{
"name": "CVE-2025-21765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21765"
},
{
"name": "CVE-2025-21766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21766"
},
{
"name": "CVE-2025-21775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21775"
},
{
"name": "CVE-2025-21776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21776"
},
{
"name": "CVE-2025-21779",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21779"
},
{
"name": "CVE-2025-21781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21781"
},
{
"name": "CVE-2025-21782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21782"
},
{
"name": "CVE-2025-21787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21787"
},
{
"name": "CVE-2025-21791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21791"
},
{
"name": "CVE-2025-21792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21792"
},
{
"name": "CVE-2025-21796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21796"
},
{
"name": "CVE-2025-21804",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21804"
},
{
"name": "CVE-2025-21806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21806"
},
{
"name": "CVE-2025-21811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21811"
},
{
"name": "CVE-2025-21812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21812"
},
{
"name": "CVE-2025-21814",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21814"
},
{
"name": "CVE-2025-21820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21820"
},
{
"name": "CVE-2025-21821",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21821"
},
{
"name": "CVE-2025-21823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21823"
},
{
"name": "CVE-2025-21826",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21826"
},
{
"name": "CVE-2025-21829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21829"
},
{
"name": "CVE-2025-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21830"
},
{
"name": "CVE-2025-21832",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21832"
},
{
"name": "CVE-2025-21835",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21835"
},
{
"name": "CVE-2024-49761",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49761"
},
{
"name": "CVE-2025-21574",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21574"
},
{
"name": "CVE-2025-21575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21575"
},
{
"name": "CVE-2025-21577",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21577"
},
{
"name": "CVE-2025-21579",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21579"
},
{
"name": "CVE-2025-21580",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21580"
},
{
"name": "CVE-2025-21581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21581"
},
{
"name": "CVE-2025-21584",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21584"
},
{
"name": "CVE-2025-21585",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21585"
},
{
"name": "CVE-2025-30681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30681"
},
{
"name": "CVE-2025-30682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30682"
},
{
"name": "CVE-2025-30683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30683"
},
{
"name": "CVE-2025-30684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30684"
},
{
"name": "CVE-2025-30685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30685"
},
{
"name": "CVE-2025-30687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30687"
},
{
"name": "CVE-2025-30688",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30688"
},
{
"name": "CVE-2025-30689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30689"
},
{
"name": "CVE-2025-30693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30693"
},
{
"name": "CVE-2025-30695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30695"
},
{
"name": "CVE-2025-30696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30696"
},
{
"name": "CVE-2025-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30699"
},
{
"name": "CVE-2025-30703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30703"
},
{
"name": "CVE-2025-30704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30704"
},
{
"name": "CVE-2025-30705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30705"
},
{
"name": "CVE-2025-30715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30715"
},
{
"name": "CVE-2025-30721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30721"
},
{
"name": "CVE-2025-30722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30722"
},
{
"name": "CVE-2024-52559",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52559"
},
{
"name": "CVE-2024-57974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57974"
},
{
"name": "CVE-2024-57990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57990"
},
{
"name": "CVE-2024-57999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57999"
},
{
"name": "CVE-2024-58002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58002"
},
{
"name": "CVE-2024-58005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58005"
},
{
"name": "CVE-2024-58006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58006"
},
{
"name": "CVE-2024-58019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58019"
},
{
"name": "CVE-2024-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58057"
},
{
"name": "CVE-2024-58078",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58078"
},
{
"name": "CVE-2024-58079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58079"
},
{
"name": "CVE-2025-21714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21714"
},
{
"name": "CVE-2025-21723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21723"
},
{
"name": "CVE-2025-21732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21732"
},
{
"name": "CVE-2025-21739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21739"
},
{
"name": "CVE-2025-21741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21741"
},
{
"name": "CVE-2025-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21742"
},
{
"name": "CVE-2025-21743",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21743"
},
{
"name": "CVE-2025-21759",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21759"
},
{
"name": "CVE-2025-21773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21773"
},
{
"name": "CVE-2025-21784",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21784"
},
{
"name": "CVE-2025-21793",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21793"
},
{
"name": "CVE-2025-21810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21810"
},
{
"name": "CVE-2025-21815",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21815"
},
{
"name": "CVE-2025-21825",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21825"
},
{
"name": "CVE-2025-21828",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21828"
},
{
"name": "CVE-2025-21838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21838"
},
{
"name": "CVE-2025-21839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21839"
},
{
"name": "CVE-2025-21844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21844"
},
{
"name": "CVE-2025-21846",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21846"
},
{
"name": "CVE-2025-21847",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21847"
},
{
"name": "CVE-2025-21848",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21848"
},
{
"name": "CVE-2025-21855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21855"
},
{
"name": "CVE-2025-21856",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21856"
},
{
"name": "CVE-2025-21857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21857"
},
{
"name": "CVE-2025-21858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21858"
},
{
"name": "CVE-2025-21859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21859"
},
{
"name": "CVE-2025-21861",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21861"
},
{
"name": "CVE-2025-21862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21862"
},
{
"name": "CVE-2025-21864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21864"
},
{
"name": "CVE-2025-21866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21866"
},
{
"name": "CVE-2025-21869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21869"
},
{
"name": "CVE-2025-21870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21870"
},
{
"name": "CVE-2025-21871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21871"
},
{
"name": "CVE-2025-21877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21877"
},
{
"name": "CVE-2025-21878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21878"
},
{
"name": "CVE-2025-21883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21883"
},
{
"name": "CVE-2025-21885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21885"
},
{
"name": "CVE-2025-21888",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21888"
},
{
"name": "CVE-2025-21890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21890"
},
{
"name": "CVE-2025-21891",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21891"
},
{
"name": "CVE-2025-21892",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21892"
},
{
"name": "CVE-2025-21587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
},
{
"name": "CVE-2025-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
},
{
"name": "CVE-2024-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8176"
},
{
"name": "CVE-2025-24928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
},
{
"name": "CVE-2024-57977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57977"
},
{
"name": "CVE-2024-58090",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58090"
},
{
"name": "CVE-2025-21712",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21712"
},
{
"name": "CVE-2025-21721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21721"
},
{
"name": "CVE-2025-21867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21867"
},
{
"name": "CVE-2025-21875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21875"
},
{
"name": "CVE-2025-21881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21881"
},
{
"name": "CVE-2025-21887",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21887"
},
{
"name": "CVE-2025-21898",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21898"
},
{
"name": "CVE-2025-21899",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21899"
},
{
"name": "CVE-2025-21904",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21904"
},
{
"name": "CVE-2025-21905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21905"
},
{
"name": "CVE-2025-21909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21909"
},
{
"name": "CVE-2025-21910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21910"
},
{
"name": "CVE-2025-21912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21912"
},
{
"name": "CVE-2025-21913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21913"
},
{
"name": "CVE-2025-21914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21914"
},
{
"name": "CVE-2025-21916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21916"
},
{
"name": "CVE-2025-21917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21917"
},
{
"name": "CVE-2025-21918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21918"
},
{
"name": "CVE-2025-21919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21919"
},
{
"name": "CVE-2025-21920",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21920"
},
{
"name": "CVE-2025-21922",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21922"
},
{
"name": "CVE-2025-21924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21924"
},
{
"name": "CVE-2025-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21925"
},
{
"name": "CVE-2025-21926",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21926"
},
{
"name": "CVE-2025-21928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21928"
},
{
"name": "CVE-2025-21934",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21934"
},
{
"name": "CVE-2025-21935",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21935"
},
{
"name": "CVE-2025-21936",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21936"
},
{
"name": "CVE-2025-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21937"
},
{
"name": "CVE-2025-21941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21941"
},
{
"name": "CVE-2025-21943",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21943"
},
{
"name": "CVE-2025-21944",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21944"
},
{
"name": "CVE-2025-21945",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21945"
},
{
"name": "CVE-2025-21947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21947"
},
{
"name": "CVE-2025-21948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21948"
},
{
"name": "CVE-2025-21950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21950"
},
{
"name": "CVE-2025-21951",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21951"
},
{
"name": "CVE-2025-21956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
},
{
"name": "CVE-2025-21957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
},
{
"name": "CVE-2025-21959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21959"
},
{
"name": "CVE-2025-21960",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21960"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2025-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21968"
},
{
"name": "CVE-2025-21970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21970"
},
{
"name": "CVE-2025-21975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21975"
},
{
"name": "CVE-2025-21978",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21978"
},
{
"name": "CVE-2025-21979",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21979"
},
{
"name": "CVE-2025-21980",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21980"
},
{
"name": "CVE-2025-21981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21981"
},
{
"name": "CVE-2025-21986",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21986"
},
{
"name": "CVE-2025-21991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
},
{
"name": "CVE-2025-21992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
},
{
"name": "CVE-2025-21994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21994"
},
{
"name": "CVE-2025-21996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
},
{
"name": "CVE-2025-21997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21997"
},
{
"name": "CVE-2025-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
},
{
"name": "CVE-2025-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
},
{
"name": "CVE-2025-22005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22005"
},
{
"name": "CVE-2025-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
},
{
"name": "CVE-2025-22008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22008"
},
{
"name": "CVE-2025-22010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22010"
},
{
"name": "CVE-2025-22014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22014"
},
{
"name": "CVE-2025-22015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22015"
},
{
"name": "CVE-2025-21969",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21969"
},
{
"name": "CVE-2024-12798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12798"
},
{
"name": "CVE-2024-12801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12801"
},
{
"name": "CVE-2025-27789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27789"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2025-22235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
},
{
"name": "CVE-2024-57952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57952"
},
{
"name": "CVE-2025-21672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21672"
},
{
"name": "CVE-2025-21691",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21691"
},
{
"name": "CVE-2025-2312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2312"
},
{
"name": "CVE-2025-21927",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21927"
},
{
"name": "CVE-2025-21853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21853"
},
{
"name": "CVE-2025-22088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22088"
},
{
"name": "CVE-2025-37785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37785"
},
{
"name": "CVE-2025-27363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27363"
},
{
"name": "CVE-2025-27516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27516"
},
{
"name": "CVE-2024-58081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58081"
},
{
"name": "CVE-2025-4207",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4207"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2025-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
},
{
"name": "CVE-2024-55549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55549"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-24855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24855"
},
{
"name": "CVE-2025-41232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41232"
},
{
"name": "CVE-2025-23165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23165"
},
{
"name": "CVE-2025-23166",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23166"
},
{
"name": "CVE-2025-23167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23167"
},
{
"name": "CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"name": "CVE-2025-32415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
},
{
"name": "CVE-2024-58018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58018"
},
{
"name": "CVE-2024-58070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58070"
},
{
"name": "CVE-2024-58088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58088"
},
{
"name": "CVE-2024-58093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
},
{
"name": "CVE-2025-21768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21768"
},
{
"name": "CVE-2025-21808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21808"
},
{
"name": "CVE-2025-21836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21836"
},
{
"name": "CVE-2025-21854",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21854"
},
{
"name": "CVE-2025-21863",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21863"
},
{
"name": "CVE-2025-21873",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21873"
},
{
"name": "CVE-2025-21889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21889"
},
{
"name": "CVE-2025-21894",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21894"
},
{
"name": "CVE-2025-21895",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21895"
},
{
"name": "CVE-2025-21908",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21908"
},
{
"name": "CVE-2025-21915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21915"
},
{
"name": "CVE-2025-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21930"
},
{
"name": "CVE-2025-21961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21961"
},
{
"name": "CVE-2025-21966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21966"
},
{
"name": "CVE-2025-21972",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21972"
},
{
"name": "CVE-2025-21976",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21976"
},
{
"name": "CVE-2025-21995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21995"
},
{
"name": "CVE-2025-22001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22001"
},
{
"name": "CVE-2025-22003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22003"
},
{
"name": "CVE-2025-22009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22009"
},
{
"name": "CVE-2025-22013",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22013"
},
{
"name": "CVE-2025-22016",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22016"
},
{
"name": "CVE-2025-22017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22017"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2025-5283",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5283"
},
{
"name": "CVE-2025-4947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4947"
},
{
"name": "CVE-2025-5025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5025"
},
{
"name": "CVE-2025-46701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
},
{
"name": "CVE-2025-21872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21872"
},
{
"name": "CVE-2025-37752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37752"
},
{
"name": "CVE-2025-37756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37756"
},
{
"name": "CVE-2025-37797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
},
{
"name": "CVE-2025-37889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37889"
},
{
"name": "CVE-2025-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
},
{
"name": "CVE-2025-37932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37932"
},
{
"name": "CVE-2025-37948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37948"
},
{
"name": "CVE-2025-37963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37963"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"name": "CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"name": "CVE-2022-1354",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1354"
},
{
"name": "CVE-2025-27144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27144"
},
{
"name": "CVE-2023-6779",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6779"
},
{
"name": "CVE-2023-6780",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6780"
},
{
"name": "CVE-2024-12133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12133"
},
{
"name": "CVE-2024-12243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12243"
},
{
"name": "CVE-2024-2236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2236"
},
{
"name": "CVE-2024-52533",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52533"
},
{
"name": "CVE-2024-56433",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
},
{
"name": "CVE-2025-0395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0395"
},
{
"name": "CVE-2025-1390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1390"
},
{
"name": "CVE-2025-31115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31115"
},
{
"name": "CVE-2025-32728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32728"
},
{
"name": "CVE-2025-4373",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4373"
},
{
"name": "CVE-2025-4598",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4598"
},
{
"name": "CVE-2025-32434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32434"
},
{
"name": "CVE-2025-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37750"
},
{
"name": "CVE-2025-37958",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37958"
},
{
"name": "CVE-2025-37974",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37974"
},
{
"name": "CVE-2025-49146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49146"
},
{
"name": "CVE-2025-27219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27219"
},
{
"name": "CVE-2025-27220",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27220"
},
{
"name": "CVE-2025-43859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43859"
},
{
"name": "CVE-2025-48988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48988"
},
{
"name": "CVE-2025-49124",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49124"
},
{
"name": "CVE-2025-49125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49125"
},
{
"name": "CVE-2023-32570",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32570"
},
{
"name": "CVE-2023-39328",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39328"
},
{
"name": "CVE-2023-51792",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51792"
},
{
"name": "CVE-2024-38949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38949"
},
{
"name": "CVE-2024-38950",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38950"
},
{
"name": "CVE-2024-45993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45993"
},
{
"name": "CVE-2024-52616",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52616"
},
{
"name": "CVE-2024-53427",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53427"
},
{
"name": "CVE-2024-56406",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56406"
},
{
"name": "CVE-2024-56826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56826"
},
{
"name": "CVE-2024-56827",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56827"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2025-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4802"
},
{
"name": "CVE-2025-21868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21868"
},
{
"name": "CVE-2025-21929",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21929"
},
{
"name": "CVE-2025-40364",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40364"
},
{
"name": "CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"name": "CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"name": "CVE-2025-37997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37997"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"name": "CVE-2025-21903",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21903"
},
{
"name": "CVE-2025-21911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21911"
},
{
"name": "CVE-2025-21946",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21946"
},
{
"name": "CVE-2025-21955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21955"
},
{
"name": "CVE-2025-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21967"
},
{
"name": "CVE-2025-21977",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21977"
},
{
"name": "CVE-2025-21982",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21982"
},
{
"name": "CVE-2025-22011",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22011"
},
{
"name": "CVE-2025-32462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32462"
},
{
"name": "CVE-2025-32463",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32463"
},
{
"name": "CVE-2025-52434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52434"
},
{
"name": "CVE-2025-52520",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52520"
},
{
"name": "CVE-2025-53506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53506"
},
{
"name": "CVE-2022-2208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2208"
},
{
"name": "CVE-2022-2874",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2874"
},
{
"name": "CVE-2022-2923",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2923"
},
{
"name": "CVE-2022-2980",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2980"
},
{
"name": "CVE-2022-3153",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3153"
},
{
"name": "CVE-2022-3278",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3278"
},
{
"name": "CVE-2022-4293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4293"
},
{
"name": "CVE-2023-1170",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1170"
},
{
"name": "CVE-2023-1175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1175"
},
{
"name": "CVE-2023-1264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1264"
},
{
"name": "CVE-2023-2609",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2609"
},
{
"name": "CVE-2023-5441",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5441"
},
{
"name": "CVE-2024-41965",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41965"
},
{
"name": "CVE-2024-43374",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43374"
},
{
"name": "CVE-2024-43802",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43802"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2024-47814",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47814"
},
{
"name": "CVE-2024-52615",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52615"
},
{
"name": "CVE-2025-1215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1215"
},
{
"name": "CVE-2025-22134",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22134"
},
{
"name": "CVE-2025-24014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24014"
},
{
"name": "CVE-2025-25724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25724"
},
{
"name": "CVE-2025-26603",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26603"
},
{
"name": "CVE-2025-29768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29768"
},
{
"name": "CVE-2025-31344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31344"
},
{
"name": "CVE-2025-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3576"
},
{
"name": "CVE-2025-4565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4565"
},
{
"name": "CVE-2025-47268",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47268"
},
{
"name": "CVE-2025-5702",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5702"
},
{
"name": "CVE-2024-57982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57982"
},
{
"name": "CVE-2024-58053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58053"
},
{
"name": "CVE-2025-21720",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21720"
},
{
"name": "CVE-2025-21880",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21880"
},
{
"name": "CVE-2025-38003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38003"
},
{
"name": "CVE-2025-38004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38004"
},
{
"name": "CVE-2025-38031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38031"
},
{
"name": "CVE-2025-38043",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38043"
},
{
"name": "CVE-2025-38044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38044"
},
{
"name": "CVE-2025-38065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38065"
},
{
"name": "CVE-2025-38068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38068"
},
{
"name": "CVE-2025-38072",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38072"
},
{
"name": "CVE-2025-38077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38077"
},
{
"name": "CVE-2025-38078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38078"
},
{
"name": "CVE-2025-38079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38079"
},
{
"name": "CVE-2025-38083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38083"
},
{
"name": "CVE-2025-22227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22227"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2025-30761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2025-50077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50077"
},
{
"name": "CVE-2025-50078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50078"
},
{
"name": "CVE-2025-50079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50079"
},
{
"name": "CVE-2025-50080",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50080"
},
{
"name": "CVE-2025-50082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50082"
},
{
"name": "CVE-2025-50083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50083"
},
{
"name": "CVE-2025-50084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50084"
},
{
"name": "CVE-2025-50085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50085"
},
{
"name": "CVE-2025-50086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50086"
},
{
"name": "CVE-2025-50087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50087"
},
{
"name": "CVE-2025-50088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50088"
},
{
"name": "CVE-2025-50091",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50091"
},
{
"name": "CVE-2025-50092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50092"
},
{
"name": "CVE-2025-50093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50093"
},
{
"name": "CVE-2025-50094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50094"
},
{
"name": "CVE-2025-50096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50096"
},
{
"name": "CVE-2025-50097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50097"
},
{
"name": "CVE-2025-50098",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50098"
},
{
"name": "CVE-2025-50099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50099"
},
{
"name": "CVE-2025-50100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50100"
},
{
"name": "CVE-2025-50101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50101"
},
{
"name": "CVE-2025-50102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50102"
},
{
"name": "CVE-2025-50104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50104"
},
{
"name": "CVE-2025-53023",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53023"
},
{
"name": "CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
},
{
"name": "CVE-2025-38061",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38061"
},
{
"name": "CVE-2021-3995",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3995"
},
{
"name": "CVE-2021-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3996"
},
{
"name": "CVE-2024-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23337"
},
{
"name": "CVE-2024-47611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47611"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2025-25186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25186"
},
{
"name": "CVE-2025-27221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27221"
},
{
"name": "CVE-2025-29786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29786"
},
{
"name": "CVE-2025-32955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32955"
},
{
"name": "CVE-2025-32988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
},
{
"name": "CVE-2025-32989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
},
{
"name": "CVE-2025-32990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
},
{
"name": "CVE-2025-38177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38177"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2025-48060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48060"
},
{
"name": "CVE-2025-4877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4877"
},
{
"name": "CVE-2025-4878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4878"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2025-49014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49014"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2025-5318",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5318"
},
{
"name": "CVE-2025-5372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5372"
},
{
"name": "CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"name": "CVE-2025-5915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5915"
},
{
"name": "CVE-2025-5916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5916"
},
{
"name": "CVE-2025-5917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5917"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2025-6395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
},
{
"name": "CVE-2024-57953",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57953"
},
{
"name": "CVE-2024-57975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57975"
},
{
"name": "CVE-2024-58003",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58003"
},
{
"name": "CVE-2024-58082",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58082"
},
{
"name": "CVE-2025-21710",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21710"
},
{
"name": "CVE-2025-21798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21798"
},
{
"name": "CVE-2025-21801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21801"
},
{
"name": "CVE-2025-21809",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21809"
},
{
"name": "CVE-2025-21816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21816"
},
{
"name": "CVE-2025-38086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38086"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2025-7424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7424"
},
{
"name": "CVE-2025-7425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
},
{
"name": "CVE-2024-12254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12254"
},
{
"name": "CVE-2025-50182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50182"
},
{
"name": "CVE-2025-38052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38052"
},
{
"name": "CVE-2025-38088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38088"
},
{
"name": "CVE-2025-27210",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27210"
},
{
"name": "CVE-2025-38181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38181"
},
{
"name": "CVE-2025-38200",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38200"
},
{
"name": "CVE-2025-38206",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38206"
},
{
"name": "CVE-2025-38212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38212"
},
{
"name": "CVE-2025-38257",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38257"
},
{
"name": "CVE-2025-27817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27817"
},
{
"name": "CVE-2025-27818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27818"
},
{
"name": "CVE-2025-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48989"
},
{
"name": "CVE-2025-7783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7783"
},
{
"name": "CVE-2025-53859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53859"
},
{
"name": "CVE-2025-24293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24293"
},
{
"name": "CVE-2025-55193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55193"
},
{
"name": "CVE-2021-32256",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32256"
},
{
"name": "CVE-2024-25260",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25260"
},
{
"name": "CVE-2025-1371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1371"
},
{
"name": "CVE-2025-1376",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1376"
},
{
"name": "CVE-2025-1377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1377"
},
{
"name": "CVE-2025-47273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47273"
},
{
"name": "CVE-2025-48964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48964"
},
{
"name": "CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"name": "CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"name": "CVE-2025-53905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53905"
},
{
"name": "CVE-2025-53906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53906"
},
{
"name": "CVE-2025-41242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41242"
},
{
"name": "CVE-2025-38034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38034"
},
{
"name": "CVE-2025-38035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38035"
},
{
"name": "CVE-2025-38037",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38037"
},
{
"name": "CVE-2025-38048",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38048"
},
{
"name": "CVE-2025-38051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38051"
},
{
"name": "CVE-2025-38058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38058"
},
{
"name": "CVE-2025-38066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38066"
},
{
"name": "CVE-2025-38067",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38067"
},
{
"name": "CVE-2025-38074",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38074"
},
{
"name": "CVE-2025-38075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38075"
},
{
"name": "CVE-2025-38084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38084"
},
{
"name": "CVE-2025-38085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38085"
},
{
"name": "CVE-2025-38090",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38090"
},
{
"name": "CVE-2025-38100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38100"
},
{
"name": "CVE-2025-38102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38102"
},
{
"name": "CVE-2025-38103",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38103"
},
{
"name": "CVE-2025-38107",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38107"
},
{
"name": "CVE-2025-38108",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38108"
},
{
"name": "CVE-2025-38111",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38111"
},
{
"name": "CVE-2025-38112",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38112"
},
{
"name": "CVE-2025-38115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38115"
},
{
"name": "CVE-2025-38119",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38119"
},
{
"name": "CVE-2025-38120",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38120"
},
{
"name": "CVE-2025-38122",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38122"
},
{
"name": "CVE-2025-38135",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38135"
},
{
"name": "CVE-2025-38136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38136"
},
{
"name": "CVE-2025-38138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38138"
},
{
"name": "CVE-2025-38143",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38143"
},
{
"name": "CVE-2025-38145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38145"
},
{
"name": "CVE-2025-38146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38146"
},
{
"name": "CVE-2025-38147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38147"
},
{
"name": "CVE-2025-38153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38153"
},
{
"name": "CVE-2025-38154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38154"
},
{
"name": "CVE-2025-38157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38157"
},
{
"name": "CVE-2025-38159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38159"
},
{
"name": "CVE-2025-38160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38160"
},
{
"name": "CVE-2025-38161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38161"
},
{
"name": "CVE-2025-38163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38163"
},
{
"name": "CVE-2025-38167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38167"
},
{
"name": "CVE-2025-38173",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38173"
},
{
"name": "CVE-2025-38174",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38174"
},
{
"name": "CVE-2025-38184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38184"
},
{
"name": "CVE-2025-38194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38194"
},
{
"name": "CVE-2025-38197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38197"
},
{
"name": "CVE-2025-38211",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38211"
},
{
"name": "CVE-2025-38218",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38218"
},
{
"name": "CVE-2025-38219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38219"
},
{
"name": "CVE-2025-38222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38222"
},
{
"name": "CVE-2025-38226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38226"
},
{
"name": "CVE-2025-38227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38227"
},
{
"name": "CVE-2025-38229",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38229"
},
{
"name": "CVE-2025-38231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38231"
},
{
"name": "CVE-2025-38245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38245"
},
{
"name": "CVE-2025-38249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38249"
},
{
"name": "CVE-2025-38251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38251"
},
{
"name": "CVE-2025-38262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38262"
},
{
"name": "CVE-2025-38263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38263"
},
{
"name": "CVE-2025-38273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38273"
},
{
"name": "CVE-2025-38280",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38280"
},
{
"name": "CVE-2025-38285",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38285"
},
{
"name": "CVE-2025-38286",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38286"
},
{
"name": "CVE-2025-38293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38293"
},
{
"name": "CVE-2025-38298",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38298"
},
{
"name": "CVE-2025-38305",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38305"
},
{
"name": "CVE-2025-38310",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38310"
},
{
"name": "CVE-2025-38312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38312"
},
{
"name": "CVE-2025-38313",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38313"
},
{
"name": "CVE-2025-38319",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38319"
},
{
"name": "CVE-2025-38320",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38320"
},
{
"name": "CVE-2025-38324",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38324"
},
{
"name": "CVE-2025-38326",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38326"
},
{
"name": "CVE-2025-38328",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38328"
},
{
"name": "CVE-2025-38332",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38332"
},
{
"name": "CVE-2025-38336",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38336"
},
{
"name": "CVE-2025-38337",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38337"
},
{
"name": "CVE-2025-38342",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38342"
},
{
"name": "CVE-2025-38344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38344"
},
{
"name": "CVE-2025-38345",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38345"
},
{
"name": "CVE-2025-38346",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38346"
},
{
"name": "CVE-2025-38348",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38348"
},
{
"name": "CVE-2025-38350",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38350"
},
{
"name": "CVE-2025-38352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38352"
},
{
"name": "CVE-2025-38362",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38362"
},
{
"name": "CVE-2025-38363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38363"
},
{
"name": "CVE-2025-38371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38371"
},
{
"name": "CVE-2025-38375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38375"
},
{
"name": "CVE-2025-38377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38377"
},
{
"name": "CVE-2025-38384",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38384"
},
{
"name": "CVE-2025-38386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38386"
},
{
"name": "CVE-2025-38387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38387"
},
{
"name": "CVE-2025-38389",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38389"
},
{
"name": "CVE-2025-38391",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38391"
},
{
"name": "CVE-2025-38393",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38393"
},
{
"name": "CVE-2025-38395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38395"
},
{
"name": "CVE-2025-38399",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38399"
},
{
"name": "CVE-2025-38400",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38400"
},
{
"name": "CVE-2025-38401",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38401"
},
{
"name": "CVE-2025-38403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38403"
},
{
"name": "CVE-2025-38406",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38406"
},
{
"name": "CVE-2025-38410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38410"
},
{
"name": "CVE-2025-38412",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38412"
},
{
"name": "CVE-2025-38415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38415"
},
{
"name": "CVE-2025-38416",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38416"
},
{
"name": "CVE-2025-38418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38418"
},
{
"name": "CVE-2025-38419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38419"
},
{
"name": "CVE-2025-38420",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38420"
},
{
"name": "CVE-2025-38424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38424"
},
{
"name": "CVE-2025-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38428"
},
{
"name": "CVE-2025-38430",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38430"
},
{
"name": "CVE-2025-38439",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38439"
},
{
"name": "CVE-2025-38441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38441"
},
{
"name": "CVE-2025-38443",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38443"
},
{
"name": "CVE-2025-38444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38444"
},
{
"name": "CVE-2025-38445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38445"
},
{
"name": "CVE-2025-38448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38448"
},
{
"name": "CVE-2025-38457",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38457"
},
{
"name": "CVE-2025-38458",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38458"
},
{
"name": "CVE-2025-38459",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38459"
},
{
"name": "CVE-2025-38460",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38460"
},
{
"name": "CVE-2025-38461",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38461"
},
{
"name": "CVE-2025-38462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38462"
},
{
"name": "CVE-2025-38464",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38464"
},
{
"name": "CVE-2025-38465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38465"
},
{
"name": "CVE-2025-38466",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38466"
},
{
"name": "CVE-2025-38467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38467"
},
{
"name": "CVE-2025-38477",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38477"
},
{
"name": "CVE-2025-38498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38498"
},
{
"name": "CVE-2025-38500",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38500"
},
{
"name": "CVE-2025-8713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8713"
},
{
"name": "CVE-2025-8714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8714"
},
{
"name": "CVE-2025-8715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8715"
},
{
"name": "CVE-2024-54456",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54456"
},
{
"name": "CVE-2025-21746",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21746"
},
{
"name": "CVE-2025-21783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21783"
},
{
"name": "CVE-2025-21786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21786"
},
{
"name": "CVE-2025-38203",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38203"
},
{
"name": "CVE-2025-38204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38204"
},
{
"name": "CVE-2025-54988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54988"
},
{
"name": "CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"name": "CVE-2025-55668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55668"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2025-52999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52999"
},
{
"name": "CVE-2025-54410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54410"
},
{
"name": "CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"name": "CVE-2025-8941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8941"
},
{
"name": "CVE-2025-9288",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9288"
},
{
"name": "CVE-2011-3374",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3374"
},
{
"name": "CVE-2014-4715",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4715"
},
{
"name": "CVE-2016-0682",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0682"
},
{
"name": "CVE-2016-0689",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0689"
},
{
"name": "CVE-2016-0692",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0692"
},
{
"name": "CVE-2016-0694",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0694"
},
{
"name": "CVE-2016-3418",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3418"
},
{
"name": "CVE-2017-10140",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10140"
},
{
"name": "CVE-2017-3604",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3604"
},
{
"name": "CVE-2017-3605",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3605"
},
{
"name": "CVE-2017-3606",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3606"
},
{
"name": "CVE-2017-3607",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3607"
},
{
"name": "CVE-2017-3608",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3608"
},
{
"name": "CVE-2017-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3609"
},
{
"name": "CVE-2017-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3610"
},
{
"name": "CVE-2017-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3611"
},
{
"name": "CVE-2017-3612",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3612"
},
{
"name": "CVE-2017-3613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3613"
},
{
"name": "CVE-2017-3614",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3614"
},
{
"name": "CVE-2017-3615",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3615"
},
{
"name": "CVE-2017-3616",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3616"
},
{
"name": "CVE-2017-3617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3617"
},
{
"name": "CVE-2020-2981",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2981"
},
{
"name": "CVE-2022-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3219"
},
{
"name": "CVE-2022-39046",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39046"
},
{
"name": "CVE-2022-42010",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42010"
},
{
"name": "CVE-2022-42011",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42011"
},
{
"name": "CVE-2022-42012",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42012"
},
{
"name": "CVE-2022-44638",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44638"
},
{
"name": "CVE-2023-31437",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31437"
},
{
"name": "CVE-2023-31438",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31438"
},
{
"name": "CVE-2023-31439",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31439"
},
{
"name": "CVE-2023-37769",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37769"
},
{
"name": "CVE-2023-47039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47039"
},
{
"name": "CVE-2024-11584",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11584"
},
{
"name": "CVE-2024-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21742"
},
{
"name": "CVE-2024-26462",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26462"
},
{
"name": "CVE-2024-3220",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3220"
},
{
"name": "CVE-2024-6174",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6174"
},
{
"name": "CVE-2025-1352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1352"
},
{
"name": "CVE-2025-1365",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1365"
},
{
"name": "CVE-2025-1372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1372"
},
{
"name": "CVE-2025-24294",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24294"
},
{
"name": "CVE-2025-27587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27587"
},
{
"name": "CVE-2025-30258",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30258"
},
{
"name": "CVE-2025-31672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31672"
},
{
"name": "CVE-2025-40909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40909"
},
{
"name": "CVE-2025-43857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43857"
},
{
"name": "CVE-2025-45582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45582"
},
{
"name": "CVE-2025-45768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45768"
},
{
"name": "CVE-2025-49795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49795"
},
{
"name": "CVE-2025-5222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5222"
},
{
"name": "CVE-2025-5278",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5278"
},
{
"name": "CVE-2025-53864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53864"
},
{
"name": "CVE-2025-6170",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6170"
},
{
"name": "CVE-2025-6297",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6297"
},
{
"name": "CVE-2025-7962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7962"
},
{
"name": "CVE-2025-8058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8058"
},
{
"name": "CVE-2025-8732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8732"
},
{
"name": "CVE-2025-8885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8885"
},
{
"name": "CVE-2025-8916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
},
{
"name": "CVE-2025-32386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32386"
},
{
"name": "CVE-2025-32387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32387"
},
{
"name": "CVE-2025-53547",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53547"
},
{
"name": "CVE-2025-10148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10148"
},
{
"name": "CVE-2025-9086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
},
{
"name": "CVE-2025-38513",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38513"
},
{
"name": "CVE-2025-38515",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38515"
},
{
"name": "CVE-2025-38516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38516"
},
{
"name": "CVE-2025-38540",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38540"
},
{
"name": "CVE-2025-38617",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38617"
},
{
"name": "CVE-2025-38618",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38618"
},
{
"name": "CVE-2025-5994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5994"
},
{
"name": "CVE-2025-41248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41248"
},
{
"name": "CVE-2025-41249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41249"
}
],
"initial_release_date": "2025-11-06T00:00:00",
"last_revision_date": "2025-11-06T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0969",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-11-06T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36320",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36320"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36423",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36423"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2022-19",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36364"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36351"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36424",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36424"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36412",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36412"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36388",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36388"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36426",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36426"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36411",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36411"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36357",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36357"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36408",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36408"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36349",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36349"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36414",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36414"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36397",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36397"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36389",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36389"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36398",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36398"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36380",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36380"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-41",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36407"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36362",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36362"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36413",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36413"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36384",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36384"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36379",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36379"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36400",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36400"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36377",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36377"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36368",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36368"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36418",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36418"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36420",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36420"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36391",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36391"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36392",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36392"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36353",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36353"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-14",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36356"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36422",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36422"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36381",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36381"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36421",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36421"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36416",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36416"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-86",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36415"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36403",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36403"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36347",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36347"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36383",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36383"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36410",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36410"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36352",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36352"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36394",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36394"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36354",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36354"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36399",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36399"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36350"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36419",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36419"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-85",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36401"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2022-19",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36365"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36405",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36405"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2018-27",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36367"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36395",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36395"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36387",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36387"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36363",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36363"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36385",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36385"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36409",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36409"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36359"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36348",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36348"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36386",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36386"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36417",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36417"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36425",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36425"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2018-27",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36366"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-44",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36360"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36355",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36355"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36358"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36396",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36396"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36378",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36378"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36382",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36382"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36404",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36404"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-44",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36361"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36402",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36402"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36393",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36393"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36406",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36406"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36390",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36390"
}
]
}
CERTFR-2025-AVI-1131
Vulnerability from certfr_avis - Published: 2025-12-19 - Updated: 2025-12-19
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Db2 Warehouse | Db2 Warehouse on Cloud Pak for Data versions antérieures à 5.3.0 | ||
| IBM | QRadar SIEM | QRadar SIEM versions 7.5.0 versions antérieures à 7.5.0 UP14 IF03 | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct Web Services versions 6.3.0.x antérieures à 6.3.0.16 | ||
| IBM | QRadar | QRadar Suite Software versions 1.11.x antérieures à 1.11.8.0 | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct Web Services versions 6.4.0.x antérieures à 6.4.0.5 | ||
| IBM | Sterling Partner Engagement Manager Standard Edition | Sterling Partner Engagement Manager Standard Edition versions 6.2.4.x antérieures à 6.2.4.5 | ||
| IBM | Sterling Partner Engagement Manager Standard Edition | Sterling Partner Engagement Manager Standard Edition versions 6.2.3.x antérieures à 6.2.3.5 | ||
| IBM | Db2 | Db2 on Cloud Pak for Data versions antérieures à 5.3.0 | ||
| IBM | Cognos Dashboards | Cognos Dashboards on Cloud Pak for Data versions 5.x antérieures à 5.3 | ||
| IBM | Db2 | Db2 Intelligence Center versions 1.1.x antérieures à 1.1.3.0 | ||
| IBM | Sterling Partner Engagement Manager Essentials Edition | Sterling Partner Engagement Manager Essentials Edition versions 6.2.4.x antérieures à 6.2.4.2 | ||
| IBM | Sterling Partner Engagement Manager Essentials Edition | Sterling Partner Engagement Manager Essentials Edition versions 6.2.3.x antérieures à 6.2.3.5 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Db2 Warehouse on Cloud Pak for Data versions ant\u00e9rieures \u00e0 5.3.0",
"product": {
"name": "Db2 Warehouse",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar SIEM versions 7.5.0 versions ant\u00e9rieures \u00e0 7.5.0 UP14 IF03",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct Web Services versions 6.3.0.x ant\u00e9rieures \u00e0 6.3.0.16",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Suite Software versions 1.11.x ant\u00e9rieures \u00e0 1.11.8.0",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct Web Services versions 6.4.0.x ant\u00e9rieures \u00e0 6.4.0.5",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Partner Engagement Manager Standard Edition versions 6.2.4.x ant\u00e9rieures \u00e0 6.2.4.5 ",
"product": {
"name": "Sterling Partner Engagement Manager Standard Edition",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Partner Engagement Manager Standard Edition versions 6.2.3.x ant\u00e9rieures \u00e0 6.2.3.5 ",
"product": {
"name": "Sterling Partner Engagement Manager Standard Edition",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Db2 on Cloud Pak for Data versions ant\u00e9rieures \u00e0 5.3.0",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Dashboards on Cloud Pak for Data versions 5.x ant\u00e9rieures \u00e0 5.3",
"product": {
"name": "Cognos Dashboards",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Db2 Intelligence Center versions 1.1.x ant\u00e9rieures \u00e0 1.1.3.0",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Partner Engagement Manager Essentials Edition versions 6.2.4.x ant\u00e9rieures \u00e0 6.2.4.2",
"product": {
"name": "Sterling Partner Engagement Manager Essentials Edition",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Partner Engagement Manager Essentials Edition versions 6.2.3.x ant\u00e9rieures \u00e0 6.2.3.5",
"product": {
"name": "Sterling Partner Engagement Manager Essentials Edition",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-6395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
},
{
"name": "CVE-2025-2534",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2534"
},
{
"name": "CVE-2023-1370",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1370"
},
{
"name": "CVE-2025-4447",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4447"
},
{
"name": "CVE-2024-38286",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38286"
},
{
"name": "CVE-2025-8941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8941"
},
{
"name": "CVE-2021-26272",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26272"
},
{
"name": "CVE-2025-41234",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41234"
},
{
"name": "CVE-2025-39761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39761"
},
{
"name": "CVE-2024-49350",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49350"
},
{
"name": "CVE-2025-39883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39883"
},
{
"name": "CVE-2025-36131",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36131"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2024-12797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
},
{
"name": "CVE-2025-30065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30065"
},
{
"name": "CVE-2024-47118",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47118"
},
{
"name": "CVE-2021-2341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2341"
},
{
"name": "CVE-2022-45061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45061"
},
{
"name": "CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"name": "CVE-2021-47621",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47621"
},
{
"name": "CVE-2025-24970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
},
{
"name": "CVE-2022-21299",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21299"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2025-7962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7962"
},
{
"name": "CVE-2025-61912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61912"
},
{
"name": "CVE-2022-21305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21305"
},
{
"name": "CVE-2025-55198",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55198"
},
{
"name": "CVE-2025-5372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5372"
},
{
"name": "CVE-2025-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
},
{
"name": "CVE-2022-25927",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25927"
},
{
"name": "CVE-2024-26308",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26308"
},
{
"name": "CVE-2025-1992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1992"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2025-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
},
{
"name": "CVE-2025-36136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36136"
},
{
"name": "CVE-2025-38724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38724"
},
{
"name": "CVE-2020-9493",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9493"
},
{
"name": "CVE-2025-36008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36008"
},
{
"name": "CVE-2024-38820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2025-39718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39718"
},
{
"name": "CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"name": "CVE-2024-23454",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23454"
},
{
"name": "CVE-2022-3510",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3510"
},
{
"name": "CVE-2022-3509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3509"
},
{
"name": "CVE-2025-58188",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58188"
},
{
"name": "CVE-2025-36006",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36006"
},
{
"name": "CVE-2023-34055",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34055"
},
{
"name": "CVE-2025-36186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36186"
},
{
"name": "CVE-2025-55182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55182"
},
{
"name": "CVE-2025-38079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38079"
},
{
"name": "CVE-2025-6493",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6493"
},
{
"name": "CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"name": "CVE-2021-2369",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2369"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2025-33012",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-33012"
},
{
"name": "CVE-2024-56337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56337"
},
{
"name": "CVE-2025-5187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5187"
},
{
"name": "CVE-2025-61723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61723"
},
{
"name": "CVE-2025-41235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41235"
},
{
"name": "CVE-2025-21587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
},
{
"name": "CVE-2023-53539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53539"
},
{
"name": "CVE-2024-25710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25710"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2025-61725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61725"
},
{
"name": "CVE-2021-2388",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2388"
},
{
"name": "CVE-2025-39955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39955"
},
{
"name": "CVE-2025-32990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
},
{
"name": "CVE-2025-2518",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2518"
},
{
"name": "CVE-2024-41946",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41946"
},
{
"name": "CVE-2022-21365",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21365"
},
{
"name": "CVE-2025-32989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
},
{
"name": "CVE-2024-38827",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38827"
},
{
"name": "CVE-2025-38292",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38292"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2025-55199",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55199"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2018-10237",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10237"
},
{
"name": "CVE-2025-59250",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59250"
},
{
"name": "CVE-2025-1493",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1493"
},
{
"name": "CVE-2025-30761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2025-3050",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3050"
},
{
"name": "CVE-2022-21294",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21294"
},
{
"name": "CVE-2025-1767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1767"
},
{
"name": "CVE-2021-26271",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26271"
},
{
"name": "CVE-2025-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
},
{
"name": "CVE-2024-38821",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38821"
},
{
"name": "CVE-2025-58187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58187"
},
{
"name": "CVE-2025-39825",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39825"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2025-32988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
},
{
"name": "CVE-2024-34750",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34750"
},
{
"name": "CVE-2022-21341",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21341"
},
{
"name": "CVE-2023-53401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53401"
},
{
"name": "CVE-2025-47913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47913"
},
{
"name": "CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"name": "CVE-2025-24294",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24294"
},
{
"name": "CVE-2025-0915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0915"
},
{
"name": "CVE-2022-21340",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21340"
},
{
"name": "CVE-2022-21293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21293"
},
{
"name": "CVE-2025-38351",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38351"
},
{
"name": "CVE-2025-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
},
{
"name": "CVE-2024-52903",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52903"
},
{
"name": "CVE-2022-21282",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21282"
},
{
"name": "CVE-2022-21349",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21349"
},
{
"name": "CVE-2025-32415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
},
{
"name": "CVE-2025-46653",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46653"
},
{
"name": "CVE-2025-22235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
},
{
"name": "CVE-2021-28861",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28861"
},
{
"name": "CVE-2022-21248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21248"
},
{
"name": "CVE-2018-14721",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14721"
},
{
"name": "CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"name": "CVE-2025-2900",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2900"
},
{
"name": "CVE-2025-0426",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0426"
},
{
"name": "CVE-2020-9281",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9281"
},
{
"name": "CVE-2024-50301",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50301"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2025-1000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1000"
},
{
"name": "CVE-2022-3697",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3697"
},
{
"name": "CVE-2025-8058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8058"
},
{
"name": "CVE-2023-53513",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53513"
},
{
"name": "CVE-2025-33134",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-33134"
},
{
"name": "CVE-2024-50379",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50379"
},
{
"name": "CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"name": "CVE-2023-39804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39804"
},
{
"name": "CVE-2025-58754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58754"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2022-3171",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3171"
},
{
"name": "CVE-2024-22354",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22354"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2024-41123",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41123"
},
{
"name": "CVE-2025-6442",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6442"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2022-50543",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50543"
},
{
"name": "CVE-2025-22227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22227"
},
{
"name": "CVE-2025-47273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47273"
},
{
"name": "CVE-2022-21360",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21360"
},
{
"name": "CVE-2025-61911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61911"
},
{
"name": "CVE-2022-21296",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21296"
},
{
"name": "CVE-2025-14687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14687"
},
{
"name": "CVE-2016-1000027",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
},
{
"name": "CVE-2025-47287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47287"
},
{
"name": "CVE-2024-49761",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49761"
},
{
"name": "CVE-2024-57699",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57699"
},
{
"name": "CVE-2025-36185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36185"
},
{
"name": "CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
}
],
"initial_release_date": "2025-12-19T00:00:00",
"last_revision_date": "2025-12-19T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-1131",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-12-19T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2025-12-15",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7252732",
"url": "https://www.ibm.com/support/pages/node/7252732"
},
{
"published_at": "2025-12-15",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7254815",
"url": "https://www.ibm.com/support/pages/node/7254815"
},
{
"published_at": "2025-12-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7255060",
"url": "https://www.ibm.com/support/pages/node/7255060"
},
{
"published_at": "2025-12-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7255154",
"url": "https://www.ibm.com/support/pages/node/7255154"
},
{
"published_at": "2025-12-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7255095",
"url": "https://www.ibm.com/support/pages/node/7255095"
},
{
"published_at": "2025-12-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7254849",
"url": "https://www.ibm.com/support/pages/node/7254849"
},
{
"published_at": "2025-12-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7254850",
"url": "https://www.ibm.com/support/pages/node/7254850"
},
{
"published_at": "2025-12-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7255160",
"url": "https://www.ibm.com/support/pages/node/7255160"
},
{
"published_at": "2025-12-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7255065",
"url": "https://www.ibm.com/support/pages/node/7255065"
}
]
}
FKIE_CVE-2024-41946
Vulnerability from fkie_nvd - Published: 2024-08-01 15:15 - Updated: 2025-11-03 21:16
Severity
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
REXML is an XML toolkit for Ruby. The REXML gem 3.3.2 has a DoS vulnerability when it parses an XML that has many entity expansions with SAX2 or pull parser API. The REXML gem 3.3.3 or later include the patch to fix the vulnerability.
References
| URL | Tags | ||
|---|---|---|---|
| security-advisories@github.com | https://github.com/ruby/rexml/commit/033d1909a8f259d5a7c53681bcaf14f13bcf0368 | Patch | |
| security-advisories@github.com | https://github.com/ruby/rexml/security/advisories/GHSA-5866-49gr-22v4 | Vendor Advisory | |
| security-advisories@github.com | https://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml | Not Applicable | |
| security-advisories@github.com | https://www.ruby-lang.org/en/news/2024/08/01/dos-rexml-cve-2024-41946 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2025/01/msg00011.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20250117-0007/ |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ruby-lang:rexml:*:*:*:*:*:ruby:*:*",
"matchCriteriaId": "E5CFEABA-B7D5-4D35-9C56-CC81B839DD36",
"versionEndExcluding": "3.3.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "REXML is an XML toolkit for Ruby. The REXML gem 3.3.2 has a DoS vulnerability when it parses an XML that has many entity expansions with SAX2 or pull parser API. The REXML gem 3.3.3 or later include the patch to fix the vulnerability."
},
{
"lang": "es",
"value": "REXML es un conjunto de herramientas XML para Ruby. La gema REXML 3.3.2 tiene una vulnerabilidad DoS cuando analiza un XML que tiene muchas expansiones de entidad con SAX2 o API de analizador de extracci\u00f3n. La gema REXML 3.3.3 o posterior incluye el parche para corregir la vulnerabilidad."
}
],
"id": "CVE-2024-41946",
"lastModified": "2025-11-03T21:16:17.533",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-08-01T15:15:14.100",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/ruby/rexml/commit/033d1909a8f259d5a7c53681bcaf14f13bcf0368"
},
{
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/ruby/rexml/security/advisories/GHSA-5866-49gr-22v4"
},
{
"source": "security-advisories@github.com",
"tags": [
"Not Applicable"
],
"url": "https://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml"
},
{
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ruby-lang.org/en/news/2024/08/01/dos-rexml-cve-2024-41946"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20250117-0007/"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-5866-49GR-22V4
Vulnerability from github – Published: 2024-08-02 12:33 – Updated: 2025-11-03 22:47
VLAI
Summary
REXML DoS vulnerability
Details
Impact
The REXML gem before 3.3.2 has a DoS vulnerability when it parses an XML that has many entity expansions with SAX2 or pull parser API.
If you need to parse untrusted XMLs with SAX2 or pull parser API, you may be impacted to this vulnerability.
Patches
The REXML gem 3.3.3 or later include the patch to fix the vulnerability.
Workarounds
Don't parse untrusted XMLs with SAX2 or pull parser API.
References
- https://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/ : This is a similar vulnerability
- https://www.ruby-lang.org/en/news/2024/08/01/dos-rexml-cve-2024-41946/: An announce on www.ruby-lang.org
Severity
{
"affected": [
{
"package": {
"ecosystem": "RubyGems",
"name": "rexml"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.3.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-41946"
],
"database_specific": {
"cwe_ids": [
"CWE-400",
"CWE-770"
],
"github_reviewed": true,
"github_reviewed_at": "2024-08-02T12:33:15Z",
"nvd_published_at": "2024-08-01T15:15:14Z",
"severity": "MODERATE"
},
"details": "### Impact\n\nThe REXML gem before 3.3.2 has a DoS vulnerability when it parses an XML that has many entity expansions with SAX2 or pull parser API.\n\nIf you need to parse untrusted XMLs with SAX2 or pull parser API, you may be impacted to this vulnerability.\n\n### Patches\n\nThe REXML gem 3.3.3 or later include the patch to fix the vulnerability.\n\n### Workarounds\n\nDon\u0027t parse untrusted XMLs with SAX2 or pull parser API.\n\n### References\n\n* https://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/ : This is a similar vulnerability\n* https://www.ruby-lang.org/en/news/2024/08/01/dos-rexml-cve-2024-41946/: An announce on www.ruby-lang.org",
"id": "GHSA-5866-49gr-22v4",
"modified": "2025-11-03T22:47:32Z",
"published": "2024-08-02T12:33:15Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/ruby/rexml/security/advisories/GHSA-5866-49gr-22v4"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41946"
},
{
"type": "WEB",
"url": "https://github.com/ruby/rexml/commit/033d1909a8f259d5a7c53681bcaf14f13bcf0368"
},
{
"type": "PACKAGE",
"url": "https://github.com/ruby/rexml"
},
{
"type": "WEB",
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rexml/CVE-2024-41946.yml"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00011.html"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20250117-0007"
},
{
"type": "WEB",
"url": "https://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml"
},
{
"type": "WEB",
"url": "https://www.ruby-lang.org/en/news/2024/08/01/dos-rexml-cve-2024-41946"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "REXML DoS vulnerability"
}
MSRC_CVE-2024-41946
Vulnerability from csaf_microsoft - Published: 2024-08-02 00:00 - Updated: 2026-02-19 01:06Summary
REXML DoS vulnerability
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
7.5 (High)
Affected products
Fixed
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 17264-17086 | — | ||
| Unresolved product id: 17267-17086 | — | ||
| Unresolved product id: 17669-17084 | — | ||
| Unresolved product id: 17670-17084 | — | ||
| Unresolved product id: 19723-17086 | — | ||
| Unresolved product id: 19724-17086 | — | ||
| Unresolved product id: 17737-17084 | — |
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 17086-7 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 17086-6 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 17084-5 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 17084-4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 17086-2 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 17086-1 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 17084-3 | — |
Vendor Fix
fix
|
References
4 references
| URL | Category |
|---|---|
| https://msrc.microsoft.com/csaf/vex/2024/msrc_cve… | self |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/csaf/vex/2024/msrc_cve… | self |
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2024-41946 REXML DoS vulnerability - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2024/msrc_cve-2024-41946.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "REXML DoS vulnerability",
"tracking": {
"current_release_date": "2026-02-19T01:06:22.000Z",
"generator": {
"date": "2026-02-21T02:16:12.436Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2024-41946",
"initial_release_date": "2024-08-02T00:00:00.000Z",
"revision_history": [
{
"date": "2024-09-24T00:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2024-10-15T00:00:00.000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Added ruby to Azure Linux 3.0\nAdded rubygem-rexml to Azure Linux 3.0\nAdded ruby to CBL-Mariner 2.0\nAdded rubygem-rexml to CBL-Mariner 2.0"
},
{
"date": "2026-02-19T01:06:22.000Z",
"legacy_version": "1.2",
"number": "3",
"summary": "Information published."
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
},
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccbl2 rubygem-rexml 3.2.7-2",
"product": {
"name": "\u003ccbl2 rubygem-rexml 3.2.7-2",
"product_id": "7"
}
},
{
"category": "product_version",
"name": "cbl2 rubygem-rexml 3.2.7-2",
"product": {
"name": "cbl2 rubygem-rexml 3.2.7-2",
"product_id": "17264"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 rubygem-rexml 3.3.4-1",
"product": {
"name": "\u003cazl3 rubygem-rexml 3.3.4-1",
"product_id": "5"
}
},
{
"category": "product_version",
"name": "azl3 rubygem-rexml 3.3.4-1",
"product": {
"name": "azl3 rubygem-rexml 3.3.4-1",
"product_id": "17669"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 rubygem-rexml 3.2.7-4",
"product": {
"name": "\u003ccbl2 rubygem-rexml 3.2.7-4",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "cbl2 rubygem-rexml 3.2.7-4",
"product": {
"name": "cbl2 rubygem-rexml 3.2.7-4",
"product_id": "19724"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 rubygem-rexml 3.2.8-1",
"product": {
"name": "\u003cazl3 rubygem-rexml 3.2.8-1",
"product_id": "3"
}
},
{
"category": "product_version",
"name": "azl3 rubygem-rexml 3.2.8-1",
"product": {
"name": "azl3 rubygem-rexml 3.2.8-1",
"product_id": "17737"
}
}
],
"category": "product_name",
"name": "rubygem-rexml"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccbl2 ruby 3.1.4-7",
"product": {
"name": "\u003ccbl2 ruby 3.1.4-7",
"product_id": "6"
}
},
{
"category": "product_version",
"name": "cbl2 ruby 3.1.4-7",
"product": {
"name": "cbl2 ruby 3.1.4-7",
"product_id": "17267"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 ruby 3.3.3-2",
"product": {
"name": "\u003cazl3 ruby 3.3.3-2",
"product_id": "4"
}
},
{
"category": "product_version",
"name": "azl3 ruby 3.3.3-2",
"product": {
"name": "azl3 ruby 3.3.3-2",
"product_id": "17670"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 ruby 3.1.4-9",
"product": {
"name": "\u003ccbl2 ruby 3.1.4-9",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "cbl2 ruby 3.1.4-9",
"product": {
"name": "cbl2 ruby 3.1.4-9",
"product_id": "19723"
}
}
],
"category": "product_name",
"name": "ruby"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 rubygem-rexml 3.2.7-2 as a component of CBL Mariner 2.0",
"product_id": "17086-7"
},
"product_reference": "7",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 rubygem-rexml 3.2.7-2 as a component of CBL Mariner 2.0",
"product_id": "17264-17086"
},
"product_reference": "17264",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 ruby 3.1.4-7 as a component of CBL Mariner 2.0",
"product_id": "17086-6"
},
"product_reference": "6",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 ruby 3.1.4-7 as a component of CBL Mariner 2.0",
"product_id": "17267-17086"
},
"product_reference": "17267",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 rubygem-rexml 3.3.4-1 as a component of Azure Linux 3.0",
"product_id": "17084-5"
},
"product_reference": "5",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 rubygem-rexml 3.3.4-1 as a component of Azure Linux 3.0",
"product_id": "17669-17084"
},
"product_reference": "17669",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 ruby 3.3.3-2 as a component of Azure Linux 3.0",
"product_id": "17084-4"
},
"product_reference": "4",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 ruby 3.3.3-2 as a component of Azure Linux 3.0",
"product_id": "17670-17084"
},
"product_reference": "17670",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 ruby 3.1.4-9 as a component of CBL Mariner 2.0",
"product_id": "17086-2"
},
"product_reference": "2",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 ruby 3.1.4-9 as a component of CBL Mariner 2.0",
"product_id": "19723-17086"
},
"product_reference": "19723",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 rubygem-rexml 3.2.7-4 as a component of CBL Mariner 2.0",
"product_id": "17086-1"
},
"product_reference": "1",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 rubygem-rexml 3.2.7-4 as a component of CBL Mariner 2.0",
"product_id": "19724-17086"
},
"product_reference": "19724",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 rubygem-rexml 3.2.8-1 as a component of Azure Linux 3.0",
"product_id": "17084-3"
},
"product_reference": "3",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 rubygem-rexml 3.2.8-1 as a component of Azure Linux 3.0",
"product_id": "17737-17084"
},
"product_reference": "17737",
"relates_to_product_reference": "17084"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-41946",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "general",
"text": "GitHub_M",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"17264-17086",
"17267-17086",
"17669-17084",
"17670-17084",
"19723-17086",
"19724-17086",
"17737-17084"
],
"known_affected": [
"17086-7",
"17086-6",
"17084-5",
"17084-4",
"17086-2",
"17086-1",
"17084-3"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-41946 REXML DoS vulnerability - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2024/msrc_cve-2024-41946.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-24T00:00:00.000Z",
"details": "3.2.7-2:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-7",
"17086-1"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2024-09-24T00:00:00.000Z",
"details": "3.1.4-7:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-6",
"17086-2"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2024-09-24T00:00:00.000Z",
"details": "3.3.4-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-5",
"17084-3"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2024-09-24T00:00:00.000Z",
"details": "3.3.3-2:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-4"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalsScore": 0.0,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"17086-7",
"17086-6",
"17084-5",
"17084-4",
"17086-2",
"17086-1",
"17084-3"
]
}
],
"title": "REXML DoS vulnerability"
}
]
}
OPENSUSE-SU-2025:0129-1
Vulnerability from csaf_opensuse - Published: 2025-04-17 04:01 - Updated: 2025-04-17 04:01Summary
Security update for rubygem-rexml
Severity
Moderate
Notes
Title of the patch: Security update for rubygem-rexml
Description of the patch:
rubygem-rexml was updated to 3.3.9:
- fixes CVE-2024-49761, CVE-2024-43398, CVE-2024-41946,
CVE-2024-41123, CVE-2024-39908, CVE-2024-35176
- bsc#1232440, bsc#1229673, bsc#1228799, bsc#1228794,
bsc#1228072, bsc#1224390
Patchnames: openSUSE-2025-129
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.9 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
28 references
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/o… | self |
| https://lists.opensuse.org/archives/list/security… | self |
| https://lists.opensuse.org/archives/list/security… | self |
| https://bugzilla.suse.com/1224390 | self |
| https://bugzilla.suse.com/1228072 | self |
| https://bugzilla.suse.com/1228794 | self |
| https://bugzilla.suse.com/1228799 | self |
| https://bugzilla.suse.com/1229673 | self |
| https://bugzilla.suse.com/1232440 | self |
| https://www.suse.com/security/cve/CVE-2024-35176/ | self |
| https://www.suse.com/security/cve/CVE-2024-39908/ | self |
| https://www.suse.com/security/cve/CVE-2024-41123/ | self |
| https://www.suse.com/security/cve/CVE-2024-41946/ | self |
| https://www.suse.com/security/cve/CVE-2024-43398/ | self |
| https://www.suse.com/security/cve/CVE-2024-49761/ | self |
| https://www.suse.com/security/cve/CVE-2024-35176 | external |
| https://bugzilla.suse.com/1224390 | external |
| https://www.suse.com/security/cve/CVE-2024-39908 | external |
| https://bugzilla.suse.com/1228072 | external |
| https://www.suse.com/security/cve/CVE-2024-41123 | external |
| https://bugzilla.suse.com/1228794 | external |
| https://www.suse.com/security/cve/CVE-2024-41946 | external |
| https://bugzilla.suse.com/1228799 | external |
| https://www.suse.com/security/cve/CVE-2024-43398 | external |
| https://bugzilla.suse.com/1229673 | external |
| https://www.suse.com/security/cve/CVE-2024-49761 | external |
| https://bugzilla.suse.com/1232440 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for rubygem-rexml",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nrubygem-rexml was updated to 3.3.9:\n\n- fixes CVE-2024-49761, CVE-2024-43398, CVE-2024-41946,\n CVE-2024-41123, CVE-2024-39908, CVE-2024-35176\n- bsc#1232440, bsc#1229673, bsc#1228799, bsc#1228794,\n bsc#1228072, bsc#1224390",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2025-129",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_0129-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2025:0129-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DGKHOJBF7CZTZV4MBBSARWRERGVICQZ5/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2025:0129-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DGKHOJBF7CZTZV4MBBSARWRERGVICQZ5/"
},
{
"category": "self",
"summary": "SUSE Bug 1224390",
"url": "https://bugzilla.suse.com/1224390"
},
{
"category": "self",
"summary": "SUSE Bug 1228072",
"url": "https://bugzilla.suse.com/1228072"
},
{
"category": "self",
"summary": "SUSE Bug 1228794",
"url": "https://bugzilla.suse.com/1228794"
},
{
"category": "self",
"summary": "SUSE Bug 1228799",
"url": "https://bugzilla.suse.com/1228799"
},
{
"category": "self",
"summary": "SUSE Bug 1229673",
"url": "https://bugzilla.suse.com/1229673"
},
{
"category": "self",
"summary": "SUSE Bug 1232440",
"url": "https://bugzilla.suse.com/1232440"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35176 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35176/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39908 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39908/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41123 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41123/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41946 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41946/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43398 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43398/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49761 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49761/"
}
],
"title": "Security update for rubygem-rexml",
"tracking": {
"current_release_date": "2025-04-17T04:01:39Z",
"generator": {
"date": "2025-04-17T04:01:39Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:0129-1",
"initial_release_date": "2025-04-17T04:01:39Z",
"revision_history": [
{
"date": "2025-04-17T04:01:39Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64",
"product": {
"name": "ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64",
"product_id": "ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64",
"product": {
"name": "ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64",
"product_id": "ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586",
"product": {
"name": "ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586",
"product_id": "ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586"
}
},
{
"category": "product_version",
"name": "ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586",
"product": {
"name": "ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586",
"product_id": "ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le",
"product": {
"name": "ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le",
"product_id": "ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le",
"product": {
"name": "ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le",
"product_id": "ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x",
"product": {
"name": "ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x",
"product_id": "ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x"
}
},
{
"category": "product_version",
"name": "ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x",
"product": {
"name": "ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x",
"product_id": "ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64",
"product": {
"name": "ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64",
"product_id": "ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64",
"product": {
"name": "ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64",
"product_id": "ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Package Hub 15 SP6",
"product": {
"name": "SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6"
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64 as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64"
},
"product_reference": "ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586 as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586"
},
"product_reference": "ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le"
},
"product_reference": "ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x"
},
"product_reference": "ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64 as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64"
},
"product_reference": "ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64 as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64"
},
"product_reference": "ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586 as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586"
},
"product_reference": "ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le"
},
"product_reference": "ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x"
},
"product_reference": "ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64 as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64"
},
"product_reference": "ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64"
},
"product_reference": "ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586"
},
"product_reference": "ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le"
},
"product_reference": "ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x"
},
"product_reference": "ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64"
},
"product_reference": "ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64"
},
"product_reference": "ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586"
},
"product_reference": "ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le"
},
"product_reference": "ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x"
},
"product_reference": "ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64"
},
"product_reference": "ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-35176",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35176"
}
],
"notes": [
{
"category": "general",
"text": " REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many `\u003c`s in an attribute value. Those who need to parse untrusted XMLs may be impacted to this vulnerability. The REXML gem 3.2.7 or later include the patch to fix this vulnerability. As a workaround, don\u0027t parse untrusted XMLs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35176",
"url": "https://www.suse.com/security/cve/CVE-2024-35176"
},
{
"category": "external",
"summary": "SUSE Bug 1224390 for CVE-2024-35176",
"url": "https://bugzilla.suse.com/1224390"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T04:01:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-35176"
},
{
"cve": "CVE-2024-39908",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39908"
}
],
"notes": [
{
"category": "general",
"text": " REXML is an XML toolkit for Ruby. The REXML gem before 3.3.1 has some DoS vulnerabilities when it parses an XML that has many specific characters such as `\u003c`, `0` and `%\u003e`. If you need to parse untrusted XMLs, you many be impacted to these vulnerabilities. The REXML gem 3.3.2 or later include the patches to fix these vulnerabilities. Users are advised to upgrade. Users unable to upgrade should avoid parsing untrusted XML strings.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39908",
"url": "https://www.suse.com/security/cve/CVE-2024-39908"
},
{
"category": "external",
"summary": "SUSE Bug 1228072 for CVE-2024-39908",
"url": "https://bugzilla.suse.com/1228072"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T04:01:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-39908"
},
{
"cve": "CVE-2024-41123",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41123"
}
],
"notes": [
{
"category": "general",
"text": "REXML is an XML toolkit for Ruby. The REXML gem before 3.3.2 has some DoS vulnerabilities when it parses an XML that has many specific characters such as whitespace character, `\u003e]` and `]\u003e`. The REXML gem 3.3.3 or later include the patches to fix these vulnerabilities.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41123",
"url": "https://www.suse.com/security/cve/CVE-2024-41123"
},
{
"category": "external",
"summary": "SUSE Bug 1228794 for CVE-2024-41123",
"url": "https://bugzilla.suse.com/1228794"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T04:01:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-41123"
},
{
"cve": "CVE-2024-41946",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41946"
}
],
"notes": [
{
"category": "general",
"text": "REXML is an XML toolkit for Ruby. The REXML gem 3.3.2 has a DoS vulnerability when it parses an XML that has many entity expansions with SAX2 or pull parser API. The REXML gem 3.3.3 or later include the patch to fix the vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41946",
"url": "https://www.suse.com/security/cve/CVE-2024-41946"
},
{
"category": "external",
"summary": "SUSE Bug 1228799 for CVE-2024-41946",
"url": "https://bugzilla.suse.com/1228799"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T04:01:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-41946"
},
{
"cve": "CVE-2024-43398",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43398"
}
],
"notes": [
{
"category": "general",
"text": "REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that have same local name attributes. If you need to parse untrusted XMLs with tree parser API like REXML::Document.new, you may be impacted to this vulnerability. If you use other parser APIs such as stream parser API and SAX2 parser API, this vulnerability is not affected. The REXML gem 3.3.6 or later include the patch to fix the vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43398",
"url": "https://www.suse.com/security/cve/CVE-2024-43398"
},
{
"category": "external",
"summary": "SUSE Bug 1229673 for CVE-2024-43398",
"url": "https://bugzilla.suse.com/1229673"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T04:01:39Z",
"details": "important"
}
],
"title": "CVE-2024-43398"
},
{
"cve": "CVE-2024-49761",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49761"
}
],
"notes": [
{
"category": "general",
"text": "REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between \u0026# and x...; in a hex numeric character reference (\u0026#x...;). This does not happen with Ruby 3.2 or later. Ruby 3.1 is the only affected maintained Ruby. The REXML gem 3.3.9 or later include the patch to fix the vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49761",
"url": "https://www.suse.com/security/cve/CVE-2024-49761"
},
{
"category": "external",
"summary": "SUSE Bug 1232440 for CVE-2024-49761",
"url": "https://bugzilla.suse.com/1232440"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.i586",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-3.3.9-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.i586",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:ruby2.5-rubygem-rexml-doc-3.3.9-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T04:01:39Z",
"details": "moderate"
}
],
"title": "CVE-2024-49761"
}
]
}
RHSA-2024:6670
Vulnerability from csaf_redhat - Published: 2024-09-16 01:51 - Updated: 2026-03-18 02:45Summary
Red Hat Security Advisory: pcs security update
Severity
Moderate
Notes
Topic: An update for pcs is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.
Security Fix(es):
* rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace character, >] and ]> (CVE-2024-41123)
* rexml: DoS vulnerability in REXML (CVE-2024-41946)
* rexml: DoS vulnerability in REXML (CVE-2024-43398)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability was found in REXML, an XML toolkit used for Ruby. When parsing an untrusted XML with many specific characters, the REXML gem may take a long time, leading to a denial of service condition. Some of these special characters include the whitespace character, '>]', and ']>'.
5.3 (Medium)
Affected products
Fixed
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the REXML package. Reading an XML file that contains many entity expansions may lead to a denial of service due to resource starvation. An attacker can use this flaw to trick a user into processing an untrusted XML file.
CWE-400 - Uncontrolled Resource ConsumptionAffected products
Fixed
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
A vulnerability was found in REXML RubyGems. This package is vulnerable to denial of service (DoS) when parsing a deep XML structure with the same local name attribute. This vulnerability only affects tree parser API like REXML::Document.new, other parser APIs such as stream parser API and SAX2 parser API are not affected.
5.9 (Medium)
Affected products
Fixed
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
28 references
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2024:6670 | self |
| https://access.redhat.com/security/updates/classi… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2302268 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2302272 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2307297 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2024-41123 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2302268 | external |
| https://www.cve.org/CVERecord?id=CVE-2024-41123 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-41123 | external |
| https://github.com/ruby/rexml/security/advisories… | external |
| https://github.com/ruby/rexml/security/advisories… | external |
| https://github.com/ruby/rexml/security/advisories… | external |
| https://www.ruby-lang.org/en/news/2024/08/01/dos-… | external |
| https://access.redhat.com/security/cve/CVE-2024-41946 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2302272 | external |
| https://www.cve.org/CVERecord?id=CVE-2024-41946 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-41946 | external |
| https://github.com/ruby/rexml/commit/033d1909a8f2… | external |
| https://github.com/ruby/rexml/security/advisories… | external |
| https://www.ruby-lang.org/en/news/2008/08/23/dos-… | external |
| https://www.ruby-lang.org/en/news/2024/08/01/dos-… | external |
| https://access.redhat.com/security/cve/CVE-2024-43398 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2307297 | external |
| https://www.cve.org/CVERecord?id=CVE-2024-43398 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-43398 | external |
| https://github.com/ruby/rexml/releases/tag/v3.3.6 | external |
| https://github.com/ruby/rexml/security/advisories… | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for pcs is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.\n\nSecurity Fix(es):\n\n* rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace character, \u003e] and ]\u003e (CVE-2024-41123)\n\n* rexml: DoS vulnerability in REXML (CVE-2024-41946)\n\n* rexml: DoS vulnerability in REXML (CVE-2024-43398)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:6670",
"url": "https://access.redhat.com/errata/RHSA-2024:6670"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2302268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302268"
},
{
"category": "external",
"summary": "2302272",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302272"
},
{
"category": "external",
"summary": "2307297",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2307297"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_6670.json"
}
],
"title": "Red Hat Security Advisory: pcs security update",
"tracking": {
"current_release_date": "2026-03-18T02:45:53+00:00",
"generator": {
"date": "2026-03-18T02:45:53+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.3"
}
},
"id": "RHSA-2024:6670",
"initial_release_date": "2024-09-16T01:51:27+00:00",
"revision_history": [
{
"date": "2024-09-16T01:51:27+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-09-16T01:51:27+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-18T02:45:53+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HighAvailability (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux HighAvailability (v. 8)",
"product_id": "HighAvailability-8.10.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::highavailability"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ResilientStorage (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux ResilientStorage (v. 8)",
"product_id": "ResilientStorage-8.10.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::resilientstorage"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.10.18-2.el8_10.2.src",
"product": {
"name": "pcs-0:0.10.18-2.el8_10.2.src",
"product_id": "pcs-0:0.10.18-2.el8_10.2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.10.18-2.el8_10.2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.10.18-2.el8_10.2.aarch64",
"product": {
"name": "pcs-0:0.10.18-2.el8_10.2.aarch64",
"product_id": "pcs-0:0.10.18-2.el8_10.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.10.18-2.el8_10.2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.10.18-2.el8_10.2.aarch64",
"product": {
"name": "pcs-snmp-0:0.10.18-2.el8_10.2.aarch64",
"product_id": "pcs-snmp-0:0.10.18-2.el8_10.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.10.18-2.el8_10.2?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.10.18-2.el8_10.2.ppc64le",
"product": {
"name": "pcs-0:0.10.18-2.el8_10.2.ppc64le",
"product_id": "pcs-0:0.10.18-2.el8_10.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.10.18-2.el8_10.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.10.18-2.el8_10.2.ppc64le",
"product": {
"name": "pcs-snmp-0:0.10.18-2.el8_10.2.ppc64le",
"product_id": "pcs-snmp-0:0.10.18-2.el8_10.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.10.18-2.el8_10.2?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.10.18-2.el8_10.2.x86_64",
"product": {
"name": "pcs-0:0.10.18-2.el8_10.2.x86_64",
"product_id": "pcs-0:0.10.18-2.el8_10.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.10.18-2.el8_10.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.10.18-2.el8_10.2.x86_64",
"product": {
"name": "pcs-snmp-0:0.10.18-2.el8_10.2.x86_64",
"product_id": "pcs-snmp-0:0.10.18-2.el8_10.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.10.18-2.el8_10.2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.10.18-2.el8_10.2.s390x",
"product": {
"name": "pcs-0:0.10.18-2.el8_10.2.s390x",
"product_id": "pcs-0:0.10.18-2.el8_10.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.10.18-2.el8_10.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.10.18-2.el8_10.2.s390x",
"product": {
"name": "pcs-snmp-0:0.10.18-2.el8_10.2.s390x",
"product_id": "pcs-snmp-0:0.10.18-2.el8_10.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.10.18-2.el8_10.2?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.18-2.el8_10.2.aarch64 as a component of Red Hat Enterprise Linux HighAvailability (v. 8)",
"product_id": "HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.aarch64"
},
"product_reference": "pcs-0:0.10.18-2.el8_10.2.aarch64",
"relates_to_product_reference": "HighAvailability-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.18-2.el8_10.2.ppc64le as a component of Red Hat Enterprise Linux HighAvailability (v. 8)",
"product_id": "HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.ppc64le"
},
"product_reference": "pcs-0:0.10.18-2.el8_10.2.ppc64le",
"relates_to_product_reference": "HighAvailability-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.18-2.el8_10.2.s390x as a component of Red Hat Enterprise Linux HighAvailability (v. 8)",
"product_id": "HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.s390x"
},
"product_reference": "pcs-0:0.10.18-2.el8_10.2.s390x",
"relates_to_product_reference": "HighAvailability-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.18-2.el8_10.2.src as a component of Red Hat Enterprise Linux HighAvailability (v. 8)",
"product_id": "HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.src"
},
"product_reference": "pcs-0:0.10.18-2.el8_10.2.src",
"relates_to_product_reference": "HighAvailability-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.18-2.el8_10.2.x86_64 as a component of Red Hat Enterprise Linux HighAvailability (v. 8)",
"product_id": "HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.x86_64"
},
"product_reference": "pcs-0:0.10.18-2.el8_10.2.x86_64",
"relates_to_product_reference": "HighAvailability-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.18-2.el8_10.2.aarch64 as a component of Red Hat Enterprise Linux HighAvailability (v. 8)",
"product_id": "HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.aarch64"
},
"product_reference": "pcs-snmp-0:0.10.18-2.el8_10.2.aarch64",
"relates_to_product_reference": "HighAvailability-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.18-2.el8_10.2.ppc64le as a component of Red Hat Enterprise Linux HighAvailability (v. 8)",
"product_id": "HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.ppc64le"
},
"product_reference": "pcs-snmp-0:0.10.18-2.el8_10.2.ppc64le",
"relates_to_product_reference": "HighAvailability-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.18-2.el8_10.2.s390x as a component of Red Hat Enterprise Linux HighAvailability (v. 8)",
"product_id": "HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.s390x"
},
"product_reference": "pcs-snmp-0:0.10.18-2.el8_10.2.s390x",
"relates_to_product_reference": "HighAvailability-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.18-2.el8_10.2.x86_64 as a component of Red Hat Enterprise Linux HighAvailability (v. 8)",
"product_id": "HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.x86_64"
},
"product_reference": "pcs-snmp-0:0.10.18-2.el8_10.2.x86_64",
"relates_to_product_reference": "HighAvailability-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.18-2.el8_10.2.aarch64 as a component of Red Hat Enterprise Linux ResilientStorage (v. 8)",
"product_id": "ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.aarch64"
},
"product_reference": "pcs-0:0.10.18-2.el8_10.2.aarch64",
"relates_to_product_reference": "ResilientStorage-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.18-2.el8_10.2.ppc64le as a component of Red Hat Enterprise Linux ResilientStorage (v. 8)",
"product_id": "ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.ppc64le"
},
"product_reference": "pcs-0:0.10.18-2.el8_10.2.ppc64le",
"relates_to_product_reference": "ResilientStorage-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.18-2.el8_10.2.s390x as a component of Red Hat Enterprise Linux ResilientStorage (v. 8)",
"product_id": "ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.s390x"
},
"product_reference": "pcs-0:0.10.18-2.el8_10.2.s390x",
"relates_to_product_reference": "ResilientStorage-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.18-2.el8_10.2.src as a component of Red Hat Enterprise Linux ResilientStorage (v. 8)",
"product_id": "ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.src"
},
"product_reference": "pcs-0:0.10.18-2.el8_10.2.src",
"relates_to_product_reference": "ResilientStorage-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.18-2.el8_10.2.x86_64 as a component of Red Hat Enterprise Linux ResilientStorage (v. 8)",
"product_id": "ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.x86_64"
},
"product_reference": "pcs-0:0.10.18-2.el8_10.2.x86_64",
"relates_to_product_reference": "ResilientStorage-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.18-2.el8_10.2.aarch64 as a component of Red Hat Enterprise Linux ResilientStorage (v. 8)",
"product_id": "ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.aarch64"
},
"product_reference": "pcs-snmp-0:0.10.18-2.el8_10.2.aarch64",
"relates_to_product_reference": "ResilientStorage-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.18-2.el8_10.2.ppc64le as a component of Red Hat Enterprise Linux ResilientStorage (v. 8)",
"product_id": "ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.ppc64le"
},
"product_reference": "pcs-snmp-0:0.10.18-2.el8_10.2.ppc64le",
"relates_to_product_reference": "ResilientStorage-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.18-2.el8_10.2.s390x as a component of Red Hat Enterprise Linux ResilientStorage (v. 8)",
"product_id": "ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.s390x"
},
"product_reference": "pcs-snmp-0:0.10.18-2.el8_10.2.s390x",
"relates_to_product_reference": "ResilientStorage-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.18-2.el8_10.2.x86_64 as a component of Red Hat Enterprise Linux ResilientStorage (v. 8)",
"product_id": "ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.x86_64"
},
"product_reference": "pcs-snmp-0:0.10.18-2.el8_10.2.x86_64",
"relates_to_product_reference": "ResilientStorage-8.10.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-41123",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-08-01T15:30:28+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2302268"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in REXML, an XML toolkit used for Ruby. When parsing an untrusted XML with many specific characters, the REXML gem may take a long time, leading to a denial of service condition. Some of these special characters include the whitespace character, \u0027\u003e]\u0027, and \u0027]\u003e\u0027.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace character, \u003e] and ]\u003e",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat believes this flaw to be moderate because a potential denial of service condition would create minimal impact at the application level and not the entire system.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.aarch64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.ppc64le",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.s390x",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.src",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.x86_64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.aarch64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.ppc64le",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.s390x",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.x86_64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.aarch64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.ppc64le",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.s390x",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.src",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.x86_64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.aarch64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.ppc64le",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.s390x",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41123"
},
{
"category": "external",
"summary": "RHBZ#2302268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302268"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41123",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41123"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41123",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41123"
},
{
"category": "external",
"summary": "https://github.com/ruby/rexml/security/advisories/GHSA-4xqq-m2hx-25v8",
"url": "https://github.com/ruby/rexml/security/advisories/GHSA-4xqq-m2hx-25v8"
},
{
"category": "external",
"summary": "https://github.com/ruby/rexml/security/advisories/GHSA-r55c-59qm-vjw6",
"url": "https://github.com/ruby/rexml/security/advisories/GHSA-r55c-59qm-vjw6"
},
{
"category": "external",
"summary": "https://github.com/ruby/rexml/security/advisories/GHSA-vg3r-rm7w-2xgh",
"url": "https://github.com/ruby/rexml/security/advisories/GHSA-vg3r-rm7w-2xgh"
},
{
"category": "external",
"summary": "https://www.ruby-lang.org/en/news/2024/08/01/dos-rexml-cve-2024-41123",
"url": "https://www.ruby-lang.org/en/news/2024/08/01/dos-rexml-cve-2024-41123"
}
],
"release_date": "2024-08-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-16T01:51:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.aarch64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.ppc64le",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.s390x",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.src",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.x86_64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.aarch64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.ppc64le",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.s390x",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.x86_64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.aarch64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.ppc64le",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.s390x",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.src",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.x86_64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.aarch64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.ppc64le",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.s390x",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6670"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability. It is recommended to upgrade the REXML gem to fix these vulnerabilities.",
"product_ids": [
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.aarch64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.ppc64le",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.s390x",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.src",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.x86_64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.aarch64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.ppc64le",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.s390x",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.x86_64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.aarch64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.ppc64le",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.s390x",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.src",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.x86_64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.aarch64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.ppc64le",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.s390x",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.aarch64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.ppc64le",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.s390x",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.src",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.x86_64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.aarch64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.ppc64le",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.s390x",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.x86_64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.aarch64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.ppc64le",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.s390x",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.src",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.x86_64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.aarch64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.ppc64le",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.s390x",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace character, \u003e] and ]\u003e"
},
{
"cve": "CVE-2024-41946",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-08-01T15:30:43+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2302272"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the REXML package. Reading an XML file that contains many entity expansions may lead to a denial of service due to resource starvation. An attacker can use this flaw to trick a user into processing an untrusted XML file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rexml: DoS vulnerability in REXML",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.aarch64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.ppc64le",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.s390x",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.src",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.x86_64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.aarch64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.ppc64le",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.s390x",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.x86_64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.aarch64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.ppc64le",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.s390x",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.src",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.x86_64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.aarch64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.ppc64le",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.s390x",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41946"
},
{
"category": "external",
"summary": "RHBZ#2302272",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302272"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41946",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41946"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41946",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41946"
},
{
"category": "external",
"summary": "https://github.com/ruby/rexml/commit/033d1909a8f259d5a7c53681bcaf14f13bcf0368",
"url": "https://github.com/ruby/rexml/commit/033d1909a8f259d5a7c53681bcaf14f13bcf0368"
},
{
"category": "external",
"summary": "https://github.com/ruby/rexml/security/advisories/GHSA-5866-49gr-22v4",
"url": "https://github.com/ruby/rexml/security/advisories/GHSA-5866-49gr-22v4"
},
{
"category": "external",
"summary": "https://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml",
"url": "https://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml"
},
{
"category": "external",
"summary": "https://www.ruby-lang.org/en/news/2024/08/01/dos-rexml-cve-2024-41946",
"url": "https://www.ruby-lang.org/en/news/2024/08/01/dos-rexml-cve-2024-41946"
}
],
"release_date": "2024-08-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-16T01:51:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.aarch64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.ppc64le",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.s390x",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.src",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.x86_64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.aarch64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.ppc64le",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.s390x",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.x86_64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.aarch64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.ppc64le",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.s390x",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.src",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.x86_64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.aarch64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.ppc64le",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.s390x",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6670"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.aarch64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.ppc64le",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.s390x",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.src",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.x86_64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.aarch64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.ppc64le",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.s390x",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.x86_64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.aarch64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.ppc64le",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.s390x",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.src",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.x86_64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.aarch64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.ppc64le",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.s390x",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.aarch64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.ppc64le",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.s390x",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.src",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.x86_64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.aarch64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.ppc64le",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.s390x",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.x86_64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.aarch64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.ppc64le",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.s390x",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.src",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.x86_64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.aarch64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.ppc64le",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.s390x",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "rexml: DoS vulnerability in REXML"
},
{
"cve": "CVE-2024-43398",
"cwe": {
"id": "CWE-776",
"name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
},
"discovery_date": "2024-08-22T15:21:20.836180+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2307297"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in REXML RubyGems. This package is vulnerable to denial of service (DoS) when parsing a deep XML structure with the same local name attribute. This vulnerability only affects tree parser API like REXML::Document.new, other parser APIs such as stream parser API and SAX2 parser API are not affected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rexml: DoS vulnerability in REXML",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.aarch64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.ppc64le",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.s390x",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.src",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.x86_64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.aarch64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.ppc64le",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.s390x",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.x86_64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.aarch64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.ppc64le",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.s390x",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.src",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.x86_64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.aarch64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.ppc64le",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.s390x",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43398"
},
{
"category": "external",
"summary": "RHBZ#2307297",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2307297"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43398"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43398",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43398"
},
{
"category": "external",
"summary": "https://github.com/ruby/rexml/releases/tag/v3.3.6",
"url": "https://github.com/ruby/rexml/releases/tag/v3.3.6"
},
{
"category": "external",
"summary": "https://github.com/ruby/rexml/security/advisories/GHSA-vmwr-mc7x-5vc3",
"url": "https://github.com/ruby/rexml/security/advisories/GHSA-vmwr-mc7x-5vc3"
}
],
"release_date": "2024-08-22T15:15:16.440000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-16T01:51:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.aarch64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.ppc64le",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.s390x",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.src",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.x86_64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.aarch64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.ppc64le",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.s390x",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.x86_64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.aarch64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.ppc64le",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.s390x",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.src",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.x86_64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.aarch64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.ppc64le",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.s390x",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6670"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.aarch64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.ppc64le",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.s390x",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.src",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.x86_64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.aarch64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.ppc64le",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.s390x",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.x86_64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.aarch64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.ppc64le",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.s390x",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.src",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.x86_64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.aarch64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.ppc64le",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.s390x",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.aarch64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.ppc64le",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.s390x",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.src",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.x86_64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.aarch64",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.ppc64le",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.s390x",
"HighAvailability-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.x86_64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.aarch64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.ppc64le",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.s390x",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.src",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-0:0.10.18-2.el8_10.2.x86_64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.aarch64",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.ppc64le",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.s390x",
"ResilientStorage-8.10.0.Z.MAIN.EUS:pcs-snmp-0:0.10.18-2.el8_10.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rexml: DoS vulnerability in REXML"
}
]
}
RHSA-2024:6702
Vulnerability from csaf_redhat - Published: 2024-09-16 18:08 - Updated: 2026-03-18 02:46Summary
Red Hat Security Advisory: pcs security update
Severity
Moderate
Notes
Topic: An update for pcs is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.
Security Fix(es):
* rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace character, >] and ]> (CVE-2024-41123)
* rexml: DoS vulnerability in REXML (CVE-2024-41946)
* rexml: DoS vulnerability in REXML (CVE-2024-43398)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability was found in REXML, an XML toolkit used for Ruby. When parsing an untrusted XML with many specific characters, the REXML gem may take a long time, leading to a denial of service condition. Some of these special characters include the whitespace character, '>]', and ']>'.
5.3 (Medium)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.6.0.Z.TUS:pcs-snmp-0:0.10.12-6.el8_6.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the REXML package. Reading an XML file that contains many entity expansions may lead to a denial of service due to resource starvation. An attacker can use this flaw to trick a user into processing an untrusted XML file.
CWE-400 - Uncontrolled Resource ConsumptionAffected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.6.0.Z.TUS:pcs-snmp-0:0.10.12-6.el8_6.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
A vulnerability was found in REXML RubyGems. This package is vulnerable to denial of service (DoS) when parsing a deep XML structure with the same local name attribute. This vulnerability only affects tree parser API like REXML::Document.new, other parser APIs such as stream parser API and SAX2 parser API are not affected.
5.9 (Medium)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.6.0.Z.TUS:pcs-snmp-0:0.10.12-6.el8_6.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
28 references
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2024:6702 | self |
| https://access.redhat.com/security/updates/classi… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2302268 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2302272 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2307297 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2024-41123 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2302268 | external |
| https://www.cve.org/CVERecord?id=CVE-2024-41123 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-41123 | external |
| https://github.com/ruby/rexml/security/advisories… | external |
| https://github.com/ruby/rexml/security/advisories… | external |
| https://github.com/ruby/rexml/security/advisories… | external |
| https://www.ruby-lang.org/en/news/2024/08/01/dos-… | external |
| https://access.redhat.com/security/cve/CVE-2024-41946 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2302272 | external |
| https://www.cve.org/CVERecord?id=CVE-2024-41946 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-41946 | external |
| https://github.com/ruby/rexml/commit/033d1909a8f2… | external |
| https://github.com/ruby/rexml/security/advisories… | external |
| https://www.ruby-lang.org/en/news/2008/08/23/dos-… | external |
| https://www.ruby-lang.org/en/news/2024/08/01/dos-… | external |
| https://access.redhat.com/security/cve/CVE-2024-43398 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2307297 | external |
| https://www.cve.org/CVERecord?id=CVE-2024-43398 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-43398 | external |
| https://github.com/ruby/rexml/releases/tag/v3.3.6 | external |
| https://github.com/ruby/rexml/security/advisories… | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for pcs is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.\n\nSecurity Fix(es):\n\n* rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace character, \u003e] and ]\u003e (CVE-2024-41123)\n\n* rexml: DoS vulnerability in REXML (CVE-2024-41946)\n\n* rexml: DoS vulnerability in REXML (CVE-2024-43398)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:6702",
"url": "https://access.redhat.com/errata/RHSA-2024:6702"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2302268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302268"
},
{
"category": "external",
"summary": "2302272",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302272"
},
{
"category": "external",
"summary": "2307297",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2307297"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_6702.json"
}
],
"title": "Red Hat Security Advisory: pcs security update",
"tracking": {
"current_release_date": "2026-03-18T02:46:00+00:00",
"generator": {
"date": "2026-03-18T02:46:00+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.3"
}
},
"id": "RHSA-2024:6702",
"initial_release_date": "2024-09-16T18:08:19+00:00",
"revision_history": [
{
"date": "2024-09-16T18:08:19+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-09-16T18:08:19+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-18T02:46:00+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux High Availability E4S (v.8.6)",
"product": {
"name": "Red Hat Enterprise Linux High Availability E4S (v.8.6)",
"product_id": "HighAvailability-8.6.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:8.6::highavailability"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux High Availability TUS (v.8.6)",
"product": {
"name": "Red Hat Enterprise Linux High Availability TUS (v.8.6)",
"product_id": "HighAvailability-8.6.0.Z.TUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_tus:8.6::highavailability"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.10.12-6.el8_6.6.src",
"product": {
"name": "pcs-0:0.10.12-6.el8_6.6.src",
"product_id": "pcs-0:0.10.12-6.el8_6.6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.10.12-6.el8_6.6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.10.12-6.el8_6.6.ppc64le",
"product": {
"name": "pcs-0:0.10.12-6.el8_6.6.ppc64le",
"product_id": "pcs-0:0.10.12-6.el8_6.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.10.12-6.el8_6.6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.10.12-6.el8_6.6.ppc64le",
"product": {
"name": "pcs-snmp-0:0.10.12-6.el8_6.6.ppc64le",
"product_id": "pcs-snmp-0:0.10.12-6.el8_6.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.10.12-6.el8_6.6?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.10.12-6.el8_6.6.x86_64",
"product": {
"name": "pcs-0:0.10.12-6.el8_6.6.x86_64",
"product_id": "pcs-0:0.10.12-6.el8_6.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.10.12-6.el8_6.6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.10.12-6.el8_6.6.x86_64",
"product": {
"name": "pcs-snmp-0:0.10.12-6.el8_6.6.x86_64",
"product_id": "pcs-snmp-0:0.10.12-6.el8_6.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.10.12-6.el8_6.6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.12-6.el8_6.6.ppc64le as a component of Red Hat Enterprise Linux High Availability E4S (v.8.6)",
"product_id": "HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.ppc64le"
},
"product_reference": "pcs-0:0.10.12-6.el8_6.6.ppc64le",
"relates_to_product_reference": "HighAvailability-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.12-6.el8_6.6.src as a component of Red Hat Enterprise Linux High Availability E4S (v.8.6)",
"product_id": "HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.src"
},
"product_reference": "pcs-0:0.10.12-6.el8_6.6.src",
"relates_to_product_reference": "HighAvailability-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.12-6.el8_6.6.x86_64 as a component of Red Hat Enterprise Linux High Availability E4S (v.8.6)",
"product_id": "HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.x86_64"
},
"product_reference": "pcs-0:0.10.12-6.el8_6.6.x86_64",
"relates_to_product_reference": "HighAvailability-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.12-6.el8_6.6.ppc64le as a component of Red Hat Enterprise Linux High Availability E4S (v.8.6)",
"product_id": "HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.6.ppc64le"
},
"product_reference": "pcs-snmp-0:0.10.12-6.el8_6.6.ppc64le",
"relates_to_product_reference": "HighAvailability-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.12-6.el8_6.6.x86_64 as a component of Red Hat Enterprise Linux High Availability E4S (v.8.6)",
"product_id": "HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.6.x86_64"
},
"product_reference": "pcs-snmp-0:0.10.12-6.el8_6.6.x86_64",
"relates_to_product_reference": "HighAvailability-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.12-6.el8_6.6.src as a component of Red Hat Enterprise Linux High Availability TUS (v.8.6)",
"product_id": "HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.6.src"
},
"product_reference": "pcs-0:0.10.12-6.el8_6.6.src",
"relates_to_product_reference": "HighAvailability-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.12-6.el8_6.6.x86_64 as a component of Red Hat Enterprise Linux High Availability TUS (v.8.6)",
"product_id": "HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.6.x86_64"
},
"product_reference": "pcs-0:0.10.12-6.el8_6.6.x86_64",
"relates_to_product_reference": "HighAvailability-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.12-6.el8_6.6.x86_64 as a component of Red Hat Enterprise Linux High Availability TUS (v.8.6)",
"product_id": "HighAvailability-8.6.0.Z.TUS:pcs-snmp-0:0.10.12-6.el8_6.6.x86_64"
},
"product_reference": "pcs-snmp-0:0.10.12-6.el8_6.6.x86_64",
"relates_to_product_reference": "HighAvailability-8.6.0.Z.TUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-41123",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-08-01T15:30:28+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2302268"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in REXML, an XML toolkit used for Ruby. When parsing an untrusted XML with many specific characters, the REXML gem may take a long time, leading to a denial of service condition. Some of these special characters include the whitespace character, \u0027\u003e]\u0027, and \u0027]\u003e\u0027.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace character, \u003e] and ]\u003e",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat believes this flaw to be moderate because a potential denial of service condition would create minimal impact at the application level and not the entire system.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.ppc64le",
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.src",
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.x86_64",
"HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.6.ppc64le",
"HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.6.x86_64",
"HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.6.src",
"HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.6.x86_64",
"HighAvailability-8.6.0.Z.TUS:pcs-snmp-0:0.10.12-6.el8_6.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41123"
},
{
"category": "external",
"summary": "RHBZ#2302268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302268"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41123",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41123"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41123",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41123"
},
{
"category": "external",
"summary": "https://github.com/ruby/rexml/security/advisories/GHSA-4xqq-m2hx-25v8",
"url": "https://github.com/ruby/rexml/security/advisories/GHSA-4xqq-m2hx-25v8"
},
{
"category": "external",
"summary": "https://github.com/ruby/rexml/security/advisories/GHSA-r55c-59qm-vjw6",
"url": "https://github.com/ruby/rexml/security/advisories/GHSA-r55c-59qm-vjw6"
},
{
"category": "external",
"summary": "https://github.com/ruby/rexml/security/advisories/GHSA-vg3r-rm7w-2xgh",
"url": "https://github.com/ruby/rexml/security/advisories/GHSA-vg3r-rm7w-2xgh"
},
{
"category": "external",
"summary": "https://www.ruby-lang.org/en/news/2024/08/01/dos-rexml-cve-2024-41123",
"url": "https://www.ruby-lang.org/en/news/2024/08/01/dos-rexml-cve-2024-41123"
}
],
"release_date": "2024-08-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-16T18:08:19+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.ppc64le",
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.src",
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.x86_64",
"HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.6.ppc64le",
"HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.6.x86_64",
"HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.6.src",
"HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.6.x86_64",
"HighAvailability-8.6.0.Z.TUS:pcs-snmp-0:0.10.12-6.el8_6.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6702"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability. It is recommended to upgrade the REXML gem to fix these vulnerabilities.",
"product_ids": [
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.ppc64le",
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.src",
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.x86_64",
"HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.6.ppc64le",
"HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.6.x86_64",
"HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.6.src",
"HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.6.x86_64",
"HighAvailability-8.6.0.Z.TUS:pcs-snmp-0:0.10.12-6.el8_6.6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.ppc64le",
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.src",
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.x86_64",
"HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.6.ppc64le",
"HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.6.x86_64",
"HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.6.src",
"HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.6.x86_64",
"HighAvailability-8.6.0.Z.TUS:pcs-snmp-0:0.10.12-6.el8_6.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace character, \u003e] and ]\u003e"
},
{
"cve": "CVE-2024-41946",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-08-01T15:30:43+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2302272"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the REXML package. Reading an XML file that contains many entity expansions may lead to a denial of service due to resource starvation. An attacker can use this flaw to trick a user into processing an untrusted XML file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rexml: DoS vulnerability in REXML",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.ppc64le",
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.src",
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.x86_64",
"HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.6.ppc64le",
"HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.6.x86_64",
"HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.6.src",
"HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.6.x86_64",
"HighAvailability-8.6.0.Z.TUS:pcs-snmp-0:0.10.12-6.el8_6.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41946"
},
{
"category": "external",
"summary": "RHBZ#2302272",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302272"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41946",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41946"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41946",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41946"
},
{
"category": "external",
"summary": "https://github.com/ruby/rexml/commit/033d1909a8f259d5a7c53681bcaf14f13bcf0368",
"url": "https://github.com/ruby/rexml/commit/033d1909a8f259d5a7c53681bcaf14f13bcf0368"
},
{
"category": "external",
"summary": "https://github.com/ruby/rexml/security/advisories/GHSA-5866-49gr-22v4",
"url": "https://github.com/ruby/rexml/security/advisories/GHSA-5866-49gr-22v4"
},
{
"category": "external",
"summary": "https://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml",
"url": "https://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml"
},
{
"category": "external",
"summary": "https://www.ruby-lang.org/en/news/2024/08/01/dos-rexml-cve-2024-41946",
"url": "https://www.ruby-lang.org/en/news/2024/08/01/dos-rexml-cve-2024-41946"
}
],
"release_date": "2024-08-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-16T18:08:19+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.ppc64le",
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.src",
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.x86_64",
"HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.6.ppc64le",
"HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.6.x86_64",
"HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.6.src",
"HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.6.x86_64",
"HighAvailability-8.6.0.Z.TUS:pcs-snmp-0:0.10.12-6.el8_6.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6702"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.ppc64le",
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.src",
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.x86_64",
"HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.6.ppc64le",
"HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.6.x86_64",
"HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.6.src",
"HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.6.x86_64",
"HighAvailability-8.6.0.Z.TUS:pcs-snmp-0:0.10.12-6.el8_6.6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.ppc64le",
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.src",
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.x86_64",
"HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.6.ppc64le",
"HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.6.x86_64",
"HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.6.src",
"HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.6.x86_64",
"HighAvailability-8.6.0.Z.TUS:pcs-snmp-0:0.10.12-6.el8_6.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "rexml: DoS vulnerability in REXML"
},
{
"cve": "CVE-2024-43398",
"cwe": {
"id": "CWE-776",
"name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
},
"discovery_date": "2024-08-22T15:21:20.836180+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2307297"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in REXML RubyGems. This package is vulnerable to denial of service (DoS) when parsing a deep XML structure with the same local name attribute. This vulnerability only affects tree parser API like REXML::Document.new, other parser APIs such as stream parser API and SAX2 parser API are not affected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rexml: DoS vulnerability in REXML",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.ppc64le",
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.src",
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.x86_64",
"HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.6.ppc64le",
"HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.6.x86_64",
"HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.6.src",
"HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.6.x86_64",
"HighAvailability-8.6.0.Z.TUS:pcs-snmp-0:0.10.12-6.el8_6.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43398"
},
{
"category": "external",
"summary": "RHBZ#2307297",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2307297"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43398"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43398",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43398"
},
{
"category": "external",
"summary": "https://github.com/ruby/rexml/releases/tag/v3.3.6",
"url": "https://github.com/ruby/rexml/releases/tag/v3.3.6"
},
{
"category": "external",
"summary": "https://github.com/ruby/rexml/security/advisories/GHSA-vmwr-mc7x-5vc3",
"url": "https://github.com/ruby/rexml/security/advisories/GHSA-vmwr-mc7x-5vc3"
}
],
"release_date": "2024-08-22T15:15:16.440000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-16T18:08:19+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.ppc64le",
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.src",
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.x86_64",
"HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.6.ppc64le",
"HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.6.x86_64",
"HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.6.src",
"HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.6.x86_64",
"HighAvailability-8.6.0.Z.TUS:pcs-snmp-0:0.10.12-6.el8_6.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6702"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.ppc64le",
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.src",
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.x86_64",
"HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.6.ppc64le",
"HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.6.x86_64",
"HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.6.src",
"HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.6.x86_64",
"HighAvailability-8.6.0.Z.TUS:pcs-snmp-0:0.10.12-6.el8_6.6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.ppc64le",
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.src",
"HighAvailability-8.6.0.Z.E4S:pcs-0:0.10.12-6.el8_6.6.x86_64",
"HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.6.ppc64le",
"HighAvailability-8.6.0.Z.E4S:pcs-snmp-0:0.10.12-6.el8_6.6.x86_64",
"HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.6.src",
"HighAvailability-8.6.0.Z.TUS:pcs-0:0.10.12-6.el8_6.6.x86_64",
"HighAvailability-8.6.0.Z.TUS:pcs-snmp-0:0.10.12-6.el8_6.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rexml: DoS vulnerability in REXML"
}
]
}
RHSA-2024:6703
Vulnerability from csaf_redhat - Published: 2024-09-16 18:08 - Updated: 2026-03-18 02:45Summary
Red Hat Security Advisory: pcs security update
Severity
Moderate
Notes
Topic: An update for pcs is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.
Security Fix(es):
* rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace character, >] and ]> (CVE-2024-41123)
* rexml: DoS vulnerability in REXML (CVE-2024-41946)
* rexml: DoS vulnerability in REXML (CVE-2024-43398)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability was found in REXML, an XML toolkit used for Ruby. When parsing an untrusted XML with many specific characters, the REXML gem may take a long time, leading to a denial of service condition. Some of these special characters include the whitespace character, '>]', and ']>'.
5.3 (Medium)
Affected products
Fixed
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the REXML package. Reading an XML file that contains many entity expansions may lead to a denial of service due to resource starvation. An attacker can use this flaw to trick a user into processing an untrusted XML file.
CWE-400 - Uncontrolled Resource ConsumptionAffected products
Fixed
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
A vulnerability was found in REXML RubyGems. This package is vulnerable to denial of service (DoS) when parsing a deep XML structure with the same local name attribute. This vulnerability only affects tree parser API like REXML::Document.new, other parser APIs such as stream parser API and SAX2 parser API are not affected.
5.9 (Medium)
Affected products
Fixed
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
28 references
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2024:6703 | self |
| https://access.redhat.com/security/updates/classi… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2302268 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2302272 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2307297 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2024-41123 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2302268 | external |
| https://www.cve.org/CVERecord?id=CVE-2024-41123 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-41123 | external |
| https://github.com/ruby/rexml/security/advisories… | external |
| https://github.com/ruby/rexml/security/advisories… | external |
| https://github.com/ruby/rexml/security/advisories… | external |
| https://www.ruby-lang.org/en/news/2024/08/01/dos-… | external |
| https://access.redhat.com/security/cve/CVE-2024-41946 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2302272 | external |
| https://www.cve.org/CVERecord?id=CVE-2024-41946 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-41946 | external |
| https://github.com/ruby/rexml/commit/033d1909a8f2… | external |
| https://github.com/ruby/rexml/security/advisories… | external |
| https://www.ruby-lang.org/en/news/2008/08/23/dos-… | external |
| https://www.ruby-lang.org/en/news/2024/08/01/dos-… | external |
| https://access.redhat.com/security/cve/CVE-2024-43398 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2307297 | external |
| https://www.cve.org/CVERecord?id=CVE-2024-43398 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-43398 | external |
| https://github.com/ruby/rexml/releases/tag/v3.3.6 | external |
| https://github.com/ruby/rexml/security/advisories… | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for pcs is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.\n\nSecurity Fix(es):\n\n* rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace character, \u003e] and ]\u003e (CVE-2024-41123)\n\n* rexml: DoS vulnerability in REXML (CVE-2024-41946)\n\n* rexml: DoS vulnerability in REXML (CVE-2024-43398)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:6703",
"url": "https://access.redhat.com/errata/RHSA-2024:6703"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2302268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302268"
},
{
"category": "external",
"summary": "2302272",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302272"
},
{
"category": "external",
"summary": "2307297",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2307297"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_6703.json"
}
],
"title": "Red Hat Security Advisory: pcs security update",
"tracking": {
"current_release_date": "2026-03-18T02:45:58+00:00",
"generator": {
"date": "2026-03-18T02:45:58+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.3"
}
},
"id": "RHSA-2024:6703",
"initial_release_date": "2024-09-16T18:08:33+00:00",
"revision_history": [
{
"date": "2024-09-16T18:08:33+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-09-16T18:08:33+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-18T02:45:58+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux High Availability EUS (v.8.8)",
"product": {
"name": "Red Hat Enterprise Linux High Availability EUS (v.8.8)",
"product_id": "HighAvailability-8.8.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:8.8::highavailability"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Resilient Storage EUS (v.8.8)",
"product": {
"name": "Red Hat Enterprise Linux Resilient Storage EUS (v.8.8)",
"product_id": "ResilientStorage-8.8.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:8.8::resilientstorage"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.10.15-4.el8_8.3.src",
"product": {
"name": "pcs-0:0.10.15-4.el8_8.3.src",
"product_id": "pcs-0:0.10.15-4.el8_8.3.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.10.15-4.el8_8.3?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.10.15-4.el8_8.3.ppc64le",
"product": {
"name": "pcs-0:0.10.15-4.el8_8.3.ppc64le",
"product_id": "pcs-0:0.10.15-4.el8_8.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.10.15-4.el8_8.3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.10.15-4.el8_8.3.ppc64le",
"product": {
"name": "pcs-snmp-0:0.10.15-4.el8_8.3.ppc64le",
"product_id": "pcs-snmp-0:0.10.15-4.el8_8.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.10.15-4.el8_8.3?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.10.15-4.el8_8.3.x86_64",
"product": {
"name": "pcs-0:0.10.15-4.el8_8.3.x86_64",
"product_id": "pcs-0:0.10.15-4.el8_8.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.10.15-4.el8_8.3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.10.15-4.el8_8.3.x86_64",
"product": {
"name": "pcs-snmp-0:0.10.15-4.el8_8.3.x86_64",
"product_id": "pcs-snmp-0:0.10.15-4.el8_8.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.10.15-4.el8_8.3?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.10.15-4.el8_8.3.s390x",
"product": {
"name": "pcs-0:0.10.15-4.el8_8.3.s390x",
"product_id": "pcs-0:0.10.15-4.el8_8.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.10.15-4.el8_8.3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.10.15-4.el8_8.3.s390x",
"product": {
"name": "pcs-snmp-0:0.10.15-4.el8_8.3.s390x",
"product_id": "pcs-snmp-0:0.10.15-4.el8_8.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.10.15-4.el8_8.3?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.10.15-4.el8_8.3.aarch64",
"product": {
"name": "pcs-0:0.10.15-4.el8_8.3.aarch64",
"product_id": "pcs-0:0.10.15-4.el8_8.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.10.15-4.el8_8.3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.10.15-4.el8_8.3.aarch64",
"product": {
"name": "pcs-snmp-0:0.10.15-4.el8_8.3.aarch64",
"product_id": "pcs-snmp-0:0.10.15-4.el8_8.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.10.15-4.el8_8.3?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.15-4.el8_8.3.aarch64 as a component of Red Hat Enterprise Linux High Availability EUS (v.8.8)",
"product_id": "HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.aarch64"
},
"product_reference": "pcs-0:0.10.15-4.el8_8.3.aarch64",
"relates_to_product_reference": "HighAvailability-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.15-4.el8_8.3.ppc64le as a component of Red Hat Enterprise Linux High Availability EUS (v.8.8)",
"product_id": "HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.ppc64le"
},
"product_reference": "pcs-0:0.10.15-4.el8_8.3.ppc64le",
"relates_to_product_reference": "HighAvailability-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.15-4.el8_8.3.s390x as a component of Red Hat Enterprise Linux High Availability EUS (v.8.8)",
"product_id": "HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.s390x"
},
"product_reference": "pcs-0:0.10.15-4.el8_8.3.s390x",
"relates_to_product_reference": "HighAvailability-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.15-4.el8_8.3.src as a component of Red Hat Enterprise Linux High Availability EUS (v.8.8)",
"product_id": "HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.src"
},
"product_reference": "pcs-0:0.10.15-4.el8_8.3.src",
"relates_to_product_reference": "HighAvailability-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.15-4.el8_8.3.x86_64 as a component of Red Hat Enterprise Linux High Availability EUS (v.8.8)",
"product_id": "HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.x86_64"
},
"product_reference": "pcs-0:0.10.15-4.el8_8.3.x86_64",
"relates_to_product_reference": "HighAvailability-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.15-4.el8_8.3.aarch64 as a component of Red Hat Enterprise Linux High Availability EUS (v.8.8)",
"product_id": "HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.aarch64"
},
"product_reference": "pcs-snmp-0:0.10.15-4.el8_8.3.aarch64",
"relates_to_product_reference": "HighAvailability-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.15-4.el8_8.3.ppc64le as a component of Red Hat Enterprise Linux High Availability EUS (v.8.8)",
"product_id": "HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.ppc64le"
},
"product_reference": "pcs-snmp-0:0.10.15-4.el8_8.3.ppc64le",
"relates_to_product_reference": "HighAvailability-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.15-4.el8_8.3.s390x as a component of Red Hat Enterprise Linux High Availability EUS (v.8.8)",
"product_id": "HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.s390x"
},
"product_reference": "pcs-snmp-0:0.10.15-4.el8_8.3.s390x",
"relates_to_product_reference": "HighAvailability-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.15-4.el8_8.3.x86_64 as a component of Red Hat Enterprise Linux High Availability EUS (v.8.8)",
"product_id": "HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.x86_64"
},
"product_reference": "pcs-snmp-0:0.10.15-4.el8_8.3.x86_64",
"relates_to_product_reference": "HighAvailability-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.15-4.el8_8.3.aarch64 as a component of Red Hat Enterprise Linux Resilient Storage EUS (v.8.8)",
"product_id": "ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.aarch64"
},
"product_reference": "pcs-0:0.10.15-4.el8_8.3.aarch64",
"relates_to_product_reference": "ResilientStorage-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.15-4.el8_8.3.ppc64le as a component of Red Hat Enterprise Linux Resilient Storage EUS (v.8.8)",
"product_id": "ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.ppc64le"
},
"product_reference": "pcs-0:0.10.15-4.el8_8.3.ppc64le",
"relates_to_product_reference": "ResilientStorage-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.15-4.el8_8.3.s390x as a component of Red Hat Enterprise Linux Resilient Storage EUS (v.8.8)",
"product_id": "ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.s390x"
},
"product_reference": "pcs-0:0.10.15-4.el8_8.3.s390x",
"relates_to_product_reference": "ResilientStorage-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.15-4.el8_8.3.src as a component of Red Hat Enterprise Linux Resilient Storage EUS (v.8.8)",
"product_id": "ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.src"
},
"product_reference": "pcs-0:0.10.15-4.el8_8.3.src",
"relates_to_product_reference": "ResilientStorage-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.15-4.el8_8.3.x86_64 as a component of Red Hat Enterprise Linux Resilient Storage EUS (v.8.8)",
"product_id": "ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.x86_64"
},
"product_reference": "pcs-0:0.10.15-4.el8_8.3.x86_64",
"relates_to_product_reference": "ResilientStorage-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.15-4.el8_8.3.aarch64 as a component of Red Hat Enterprise Linux Resilient Storage EUS (v.8.8)",
"product_id": "ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.aarch64"
},
"product_reference": "pcs-snmp-0:0.10.15-4.el8_8.3.aarch64",
"relates_to_product_reference": "ResilientStorage-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.15-4.el8_8.3.ppc64le as a component of Red Hat Enterprise Linux Resilient Storage EUS (v.8.8)",
"product_id": "ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.ppc64le"
},
"product_reference": "pcs-snmp-0:0.10.15-4.el8_8.3.ppc64le",
"relates_to_product_reference": "ResilientStorage-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.15-4.el8_8.3.s390x as a component of Red Hat Enterprise Linux Resilient Storage EUS (v.8.8)",
"product_id": "ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.s390x"
},
"product_reference": "pcs-snmp-0:0.10.15-4.el8_8.3.s390x",
"relates_to_product_reference": "ResilientStorage-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.15-4.el8_8.3.x86_64 as a component of Red Hat Enterprise Linux Resilient Storage EUS (v.8.8)",
"product_id": "ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.x86_64"
},
"product_reference": "pcs-snmp-0:0.10.15-4.el8_8.3.x86_64",
"relates_to_product_reference": "ResilientStorage-8.8.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-41123",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-08-01T15:30:28+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2302268"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in REXML, an XML toolkit used for Ruby. When parsing an untrusted XML with many specific characters, the REXML gem may take a long time, leading to a denial of service condition. Some of these special characters include the whitespace character, \u0027\u003e]\u0027, and \u0027]\u003e\u0027.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace character, \u003e] and ]\u003e",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat believes this flaw to be moderate because a potential denial of service condition would create minimal impact at the application level and not the entire system.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.aarch64",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.ppc64le",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.s390x",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.src",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.x86_64",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.aarch64",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.ppc64le",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.s390x",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.x86_64",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.aarch64",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.ppc64le",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.s390x",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.src",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.x86_64",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.aarch64",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.ppc64le",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.s390x",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41123"
},
{
"category": "external",
"summary": "RHBZ#2302268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302268"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41123",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41123"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41123",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41123"
},
{
"category": "external",
"summary": "https://github.com/ruby/rexml/security/advisories/GHSA-4xqq-m2hx-25v8",
"url": "https://github.com/ruby/rexml/security/advisories/GHSA-4xqq-m2hx-25v8"
},
{
"category": "external",
"summary": "https://github.com/ruby/rexml/security/advisories/GHSA-r55c-59qm-vjw6",
"url": "https://github.com/ruby/rexml/security/advisories/GHSA-r55c-59qm-vjw6"
},
{
"category": "external",
"summary": "https://github.com/ruby/rexml/security/advisories/GHSA-vg3r-rm7w-2xgh",
"url": "https://github.com/ruby/rexml/security/advisories/GHSA-vg3r-rm7w-2xgh"
},
{
"category": "external",
"summary": "https://www.ruby-lang.org/en/news/2024/08/01/dos-rexml-cve-2024-41123",
"url": "https://www.ruby-lang.org/en/news/2024/08/01/dos-rexml-cve-2024-41123"
}
],
"release_date": "2024-08-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-16T18:08:33+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.aarch64",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.ppc64le",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.s390x",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.src",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.x86_64",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.aarch64",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.ppc64le",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.s390x",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.x86_64",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.aarch64",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.ppc64le",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.s390x",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.src",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.x86_64",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.aarch64",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.ppc64le",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.s390x",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6703"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability. It is recommended to upgrade the REXML gem to fix these vulnerabilities.",
"product_ids": [
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.aarch64",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.ppc64le",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.s390x",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.src",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.x86_64",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.aarch64",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.ppc64le",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.s390x",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.x86_64",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.aarch64",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.ppc64le",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.s390x",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.src",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.x86_64",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.aarch64",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.ppc64le",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.s390x",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.aarch64",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.ppc64le",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.s390x",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.src",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.x86_64",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.aarch64",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.ppc64le",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.s390x",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.x86_64",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.aarch64",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.ppc64le",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.s390x",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.src",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.x86_64",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.aarch64",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.ppc64le",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.s390x",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace character, \u003e] and ]\u003e"
},
{
"cve": "CVE-2024-41946",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-08-01T15:30:43+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2302272"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the REXML package. Reading an XML file that contains many entity expansions may lead to a denial of service due to resource starvation. An attacker can use this flaw to trick a user into processing an untrusted XML file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rexml: DoS vulnerability in REXML",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.aarch64",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.ppc64le",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.s390x",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.src",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.x86_64",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.aarch64",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.ppc64le",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.s390x",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.x86_64",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.aarch64",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.ppc64le",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.s390x",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.src",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.x86_64",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.aarch64",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.ppc64le",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.s390x",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41946"
},
{
"category": "external",
"summary": "RHBZ#2302272",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302272"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41946",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41946"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41946",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41946"
},
{
"category": "external",
"summary": "https://github.com/ruby/rexml/commit/033d1909a8f259d5a7c53681bcaf14f13bcf0368",
"url": "https://github.com/ruby/rexml/commit/033d1909a8f259d5a7c53681bcaf14f13bcf0368"
},
{
"category": "external",
"summary": "https://github.com/ruby/rexml/security/advisories/GHSA-5866-49gr-22v4",
"url": "https://github.com/ruby/rexml/security/advisories/GHSA-5866-49gr-22v4"
},
{
"category": "external",
"summary": "https://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml",
"url": "https://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml"
},
{
"category": "external",
"summary": "https://www.ruby-lang.org/en/news/2024/08/01/dos-rexml-cve-2024-41946",
"url": "https://www.ruby-lang.org/en/news/2024/08/01/dos-rexml-cve-2024-41946"
}
],
"release_date": "2024-08-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-16T18:08:33+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.aarch64",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.ppc64le",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.s390x",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.src",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.x86_64",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.aarch64",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.ppc64le",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.s390x",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.x86_64",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.aarch64",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.ppc64le",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.s390x",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.src",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.x86_64",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.aarch64",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.ppc64le",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.s390x",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6703"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.aarch64",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.ppc64le",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.s390x",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.src",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.x86_64",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.aarch64",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.ppc64le",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.s390x",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.x86_64",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.aarch64",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.ppc64le",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.s390x",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.src",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.x86_64",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.aarch64",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.ppc64le",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.s390x",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.aarch64",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.ppc64le",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.s390x",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.src",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.x86_64",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.aarch64",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.ppc64le",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.s390x",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.x86_64",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.aarch64",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.ppc64le",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.s390x",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.src",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.x86_64",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.aarch64",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.ppc64le",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.s390x",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "rexml: DoS vulnerability in REXML"
},
{
"cve": "CVE-2024-43398",
"cwe": {
"id": "CWE-776",
"name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
},
"discovery_date": "2024-08-22T15:21:20.836180+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2307297"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in REXML RubyGems. This package is vulnerable to denial of service (DoS) when parsing a deep XML structure with the same local name attribute. This vulnerability only affects tree parser API like REXML::Document.new, other parser APIs such as stream parser API and SAX2 parser API are not affected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rexml: DoS vulnerability in REXML",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.aarch64",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.ppc64le",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.s390x",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.src",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.x86_64",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.aarch64",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.ppc64le",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.s390x",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.x86_64",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.aarch64",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.ppc64le",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.s390x",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.src",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.x86_64",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.aarch64",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.ppc64le",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.s390x",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43398"
},
{
"category": "external",
"summary": "RHBZ#2307297",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2307297"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43398"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43398",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43398"
},
{
"category": "external",
"summary": "https://github.com/ruby/rexml/releases/tag/v3.3.6",
"url": "https://github.com/ruby/rexml/releases/tag/v3.3.6"
},
{
"category": "external",
"summary": "https://github.com/ruby/rexml/security/advisories/GHSA-vmwr-mc7x-5vc3",
"url": "https://github.com/ruby/rexml/security/advisories/GHSA-vmwr-mc7x-5vc3"
}
],
"release_date": "2024-08-22T15:15:16.440000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-16T18:08:33+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.aarch64",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.ppc64le",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.s390x",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.src",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.x86_64",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.aarch64",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.ppc64le",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.s390x",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.x86_64",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.aarch64",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.ppc64le",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.s390x",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.src",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.x86_64",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.aarch64",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.ppc64le",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.s390x",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6703"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.aarch64",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.ppc64le",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.s390x",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.src",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.x86_64",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.aarch64",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.ppc64le",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.s390x",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.x86_64",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.aarch64",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.ppc64le",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.s390x",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.src",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.x86_64",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.aarch64",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.ppc64le",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.s390x",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.aarch64",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.ppc64le",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.s390x",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.src",
"HighAvailability-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.x86_64",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.aarch64",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.ppc64le",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.s390x",
"HighAvailability-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.x86_64",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.aarch64",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.ppc64le",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.s390x",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.src",
"ResilientStorage-8.8.0.Z.EUS:pcs-0:0.10.15-4.el8_8.3.x86_64",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.aarch64",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.ppc64le",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.s390x",
"ResilientStorage-8.8.0.Z.EUS:pcs-snmp-0:0.10.15-4.el8_8.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rexml: DoS vulnerability in REXML"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…