Vulnerability-Lookup

CVE-2020-10672 (GCVE-0-2020-10672)

Vulnerability from cvelistv5 – Published: 2020-03-18 21:17 – Updated: 2024-08-04 11:06

Summary

Severity

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

SSVC

Exploitation: none Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

n/a
CWE-502 - Deserialization of Untrusted Data

Assigner

mitre

References

8 references

URL	Tags
https://lists.debian.org/debian-lts-announce/2020…	mailing-listx_refsource_MLIST
https://medium.com/%40cowtowncoder/on-jackson-cve…	x_refsource_MISC
https://www.oracle.com/security-alerts/cpujul2020.html	x_refsource_MISC
https://github.com/FasterXML/jackson-databind/iss…	x_refsource_MISC
https://security.netapp.com/advisory/ntap-2020040…	x_refsource_CONFIRM
https://www.oracle.com/security-alerts/cpuoct2020.html	x_refsource_MISC
https://www.oracle.com/security-alerts/cpujan2021.html	x_refsource_MISC
https://www.oracle.com/security-alerts/cpuoct2021.html	x_refsource_MISC

Impacted products

28 products

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "debian_linux",
            "vendor": "debian",
            "versions": [
              {
                "status": "affected",
                "version": "8.0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "steelstore_cloud_integrated_storage",
            "vendor": "netapp",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "agile_plm",
            "vendor": "oracle",
            "versions": [
              {
                "status": "affected",
                "version": "9.3.6"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:oracle:autovue_for_agile_product_lifecycle_management:21.0.2:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "autovue_for_agile_product_lifecycle_management",
            "vendor": "oracle",
            "versions": [
              {
                "status": "affected",
                "version": "21.0.2"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:oracle:banking_digital_experience:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "banking_digital_experience",
            "vendor": "oracle",
            "versions": [
              {
                "lessThanOrEqual": "18.3",
                "status": "affected",
                "version": "18.1",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "19.2",
                "status": "affected",
                "version": "19.1",
                "versionType": "custom"
              },
              {
                "status": "affected",
                "version": "20.1"
              },
              {
                "lessThanOrEqual": "2.9.0",
                "status": "affected",
                "version": "2.4.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:oracle:communications_calendar_server:8.0.0.4.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "communications_calendar_server",
            "vendor": "oracle",
            "versions": [
              {
                "lessThanOrEqual": "8.0.0.5.0",
                "status": "affected",
                "version": "8.0.0.4.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:oracle:communications_diameter_signaling_router:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "communications_diameter_signaling_router",
            "vendor": "oracle",
            "versions": [
              {
                "lessThanOrEqual": "8.2.2",
                "status": "affected",
                "version": "8.0.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:oracle:communications_element_manager:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "communications_element_manager",
            "vendor": "oracle",
            "versions": [
              {
                "lessThanOrEqual": "8.2.2",
                "status": "affected",
                "version": "8.2.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:oracle:communications_evolved_communications_application_server:7.1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "communications_evolved_communications_application_server",
            "vendor": "oracle",
            "versions": [
              {
                "status": "affected",
                "version": "7.1"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.4.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "communications_instant_messaging_server",
            "vendor": "oracle",
            "versions": [
              {
                "status": "affected",
                "version": "10.0.1.4.0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "communications_network_charging_and_control",
            "vendor": "oracle",
            "versions": [
              {
                "status": "affected",
                "version": "6.0.1"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "communications_network_charging_and_control",
            "vendor": "oracle",
            "versions": [
              {
                "lessThanOrEqual": "12.0.3",
                "status": "affected",
                "version": "12.0.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:oracle:communications_session_route_manager:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "communications_session_route_manager",
            "vendor": "oracle",
            "versions": [
              {
                "lessThanOrEqual": "8.2.2",
                "status": "affected",
                "version": "8.2.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3.0.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "enterprise_manager_base_platform",
            "vendor": "oracle",
            "versions": [
              {
                "lessThanOrEqual": "13.4.0.0",
                "status": "affected",
                "version": "13.3.0.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.6:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "financial_services_analytical_applications_infrastructure",
            "vendor": "oracle",
            "versions": [
              {
                "lessThanOrEqual": "8.1.0",
                "status": "affected",
                "version": "8.0.6",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.6:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "financial_services_institutional_performance_analytics",
            "vendor": "oracle",
            "versions": [
              {
                "status": "affected",
                "version": "8.0.6"
              },
              {
                "status": "affected",
                "version": "8.0.7"
              },
              {
                "status": "affected",
                "version": "8.1.0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.6:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "financial_services_price_creation_and_discovery",
            "vendor": "oracle",
            "versions": [
              {
                "lessThanOrEqual": "8.0.7",
                "status": "affected",
                "version": "8.0.6",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:oracle:financial_services_retail_customer_analytics:8.0.6:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "financial_services_retail_customer_analytics",
            "vendor": "oracle",
            "versions": [
              {
                "status": "affected",
                "version": "8.0.6"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:oracle:global_lifecycle_management_opatch:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "global_lifecycle_management_opatch",
            "vendor": "oracle",
            "versions": [
              {
                "lessThanOrEqual": "12.2.0.1.20",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:oracle:insurance_policy_administration_j2ee:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "insurance_policy_administration_j2ee",
            "vendor": "oracle",
            "versions": [
              {
                "lessThan": "11.1.0.15",
                "status": "affected",
                "version": "11.0.2.25",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "jd_edwards_enterpriseone_orchestrator",
            "vendor": "oracle",
            "versions": [
              {
                "lessThanOrEqual": "9.2.4.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "primavera_unifier",
            "vendor": "oracle",
            "versions": [
              {
                "status": "affected",
                "version": "16.1"
              },
              {
                "status": "affected",
                "version": "16.2"
              },
              {
                "lessThanOrEqual": "17.12",
                "status": "affected",
                "version": "17.7",
                "versionType": "custom"
              },
              {
                "status": "affected",
                "version": "18.8"
              },
              {
                "status": "affected",
                "version": "19.12"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:oracle:retail_merchandising_system:15.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "retail_merchandising_system",
            "vendor": "oracle",
            "versions": [
              {
                "status": "affected",
                "version": "15.0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:oracle:retail_sales_audit:14.1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "retail_sales_audit",
            "vendor": "oracle",
            "versions": [
              {
                "status": "affected",
                "version": "14.1"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:oracle:retail_service_backbone:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "retail_service_backbone",
            "vendor": "oracle",
            "versions": [
              {
                "status": "affected",
                "version": "14.1"
              },
              {
                "status": "affected",
                "version": "15.0"
              },
              {
                "status": "affected",
                "version": "16.0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "retail_xstore_point_of_service",
            "vendor": "oracle",
            "versions": [
              {
                "lessThanOrEqual": "19.0",
                "status": "affected",
                "version": "15.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:oracle:weblogic_server:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "weblogic_server",
            "vendor": "oracle",
            "versions": [
              {
                "lessThanOrEqual": "12.2.1.4.0",
                "status": "affected",
                "version": "12.2.1.3.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:fasterxml:jackson-databind:2.0.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "jackson-databind",
            "vendor": "fasterxml",
            "versions": [
              {
                "lessThan": "2.9.10.4",
                "status": "affected",
                "version": "2.0.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2020-10672",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-25T04:00:48.872316Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-502",
                "description": "CWE-502 Deserialization of Untrusted Data",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T19:56:32.131Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T11:06:11.143Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[debian-lts-announce] 20200322 [SECURITY] [DLA 2153-1] jackson-databind security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00027.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/FasterXML/jackson-databind/issues/2659"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20200403-0002/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujan2021.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-20T10:38:38.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[debian-lts-announce] 20200322 [SECURITY] [DLA 2153-1] jackson-databind security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00027.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/FasterXML/jackson-databind/issues/2659"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20200403-0002/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujan2021.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-10672",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[debian-lts-announce] 20200322 [SECURITY] [DLA 2153-1] jackson-databind security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00027.html"
            },
            {
              "name": "https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062",
              "refsource": "MISC",
              "url": "https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpujul2020.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
            },
            {
              "name": "https://github.com/FasterXML/jackson-databind/issues/2659",
              "refsource": "MISC",
              "url": "https://github.com/FasterXML/jackson-databind/issues/2659"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20200403-0002/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20200403-0002/"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpuoct2020.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpujan2021.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpujan2021.html"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-10672",
    "datePublished": "2020-03-18T21:17:43.000Z",
    "dateReserved": "2020-03-18T00:00:00.000Z",
    "dateUpdated": "2024-08-04T11:06:11.143Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2020-10672",
      "date": "2026-06-05",
      "epss": "0.39493",
      "percentile": "0.97384"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-10672\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2020-03-18T22:15:12.313\",\"lastModified\":\"2024-11-21T04:55:49.050\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms).\"},{\"lang\":\"es\",\"value\":\"FasterXML jackson-databind versiones 2.x anteriores a 2.9.10.4, maneja inapropiadamente la interacci\u00f3n entre los gadgets de serializaci\u00f3n y escritura, relacionados con org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (tambi\u00e9n se conoce como aries.transaction.jms).\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-502\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.9.0\",\"versionEndExcluding\":\"2.9.10.4\",\"matchCriteriaId\":\"77F8EDB1-5890-4054-84FF-2034C7D2ED96\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E94F7F59-1785-493F-91A7-5F5EA5E87E4D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C650FEDB-E903-4C2D-AD40-282AB5F2E3C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:autovue_for_agile_product_lifecycle_management:21.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97994257-C9A4-4491-B362-E8B25B7187AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_digital_experience:18.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BBE7BF09-B89C-4590-821E-6C0587E096B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_digital_experience:18.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ADAE8A71-0BCD-42D5-B38C-9B2A27CC1E6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_digital_experience:18.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7231D2D-4092-44F3-B60A-D7C9ED78AFDF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_digital_experience:19.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7BDFC10-45A0-46D8-AB92-4A5E2C1C76ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_digital_experience:19.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"18127694-109C-4E7E-AE79-0BA351849291\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_digital_experience:20.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33F68878-BC19-4DB8-8A72-BD9FE3D0ACEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.4.0\",\"versionEndIncluding\":\"2.9.0\",\"matchCriteriaId\":\"5343F8F8-E8B4-49E9-A304-9C8A608B8027\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_calendar_server:8.0.0.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46059231-E7F6-4402-8119-1C7FE4ABEA96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_contacts_server:8.0.0.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"113E281E-977E-4195-B131-B7C7A2933B6E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_contacts_server:8.0.0.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D01A0BBC-DA0E-4AFE-83BF-4F3BA01653EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.0\",\"versionEndIncluding\":\"8.2.2\",\"matchCriteriaId\":\"526E2FE5-263F-416F-8628-6CD40B865780\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_element_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.2.0\",\"versionEndIncluding\":\"8.2.2\",\"matchCriteriaId\":\"B51F78F4-8D7E-48C2-86D1-D53A6EB348A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_evolved_communications_application_server:7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"987811D5-DA5E-493D-8709-F9231A84E5F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DB23B9A-571E-4B77-B432-23F3DC9B67D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_network_charging_and_control:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.0.0\",\"versionEndIncluding\":\"12.0.3\",\"matchCriteriaId\":\"2AB443D1-D8E0-4253-9E1C-B62AEBBE582A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ECC00750-1DBF-401F-886E-E0E65A277409\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_report_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.2.0\",\"versionEndIncluding\":\"8.2.2\",\"matchCriteriaId\":\"3E5416A1-EE58-415D-9645-B6A875EBAED2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_route_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.2.0\",\"versionEndIncluding\":\"8.2.2\",\"matchCriteriaId\":\"11B0C37E-D7C7-45F2-A8D8-5A3B1B191430\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7582B307-3899-4BBB-B868-BC912A4D0109\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_base_platform:13.4.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D26F3E23-F1A9-45E7-9E5F-0C0A24EE3783\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.6\",\"versionEndIncluding\":\"8.1.0\",\"matchCriteriaId\":\"021014B2-DC51-481C-BCFE-5857EFBDEDDA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37C8EE84-A840-4132-B331-C7D450B1FBBF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D8436A2-9CA3-4C91-B632-9B03368ABC1B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A00142E6-EEB3-44BD-AB0D-0E5C5640557F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A01F8ED-64DA-43BC-9C02-488010BCD0F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75638A6A-88B2-4BC7-84EA-1CF5FC30D555\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_retail_customer_analytics:8.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FBF422E-3F67-4599-A7C1-0E2E4224553A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:global_lifecycle_management_opatch:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"12.2.0.1.20\",\"matchCriteriaId\":\"A8200D5C-D3C7-4936-84A7-37864DEEC62B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:insurance_policy_administration_j2ee:11.0.2.25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72F28CE3-F835-4458-8D70-CBE9FC2F7E7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:insurance_policy_administration_j2ee:11.1.0.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F058FDA-04BC-4F32-830D-206983770692\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.2.4.2\",\"matchCriteriaId\":\"6E46AE88-E9F8-41CB-B15F-12F5127A1E8D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.2.4.2\",\"matchCriteriaId\":\"A3D635AE-5E4A-47FB-9FCA-D82D52A61367\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.7\",\"versionEndIncluding\":\"17.12\",\"matchCriteriaId\":\"08FA59A8-6A62-4B33-8952-D6E658F8DAC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D55A54FD-7DD1-49CD-BE81-0BE73990943C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82EB08C0-2D46-4635-88DF-E54F6452D3A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"202AD518-2E9B-4062-B063-9858AE1F9CE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10864586-270E-4ACF-BDCC-ECFCD299305F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_merchandising_system:15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"792DF04A-2D1B-40B5-B960-3E7152732EB8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_sales_audit:14.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7DA6E92C-AC3B-40CF-96AE-22CD8769886F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_service_backbone:14.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"378A6656-252B-4929-83EA-BC107FDFD357\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_service_backbone:15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"363395FA-C296-4B2B-9D6F-BCB8DBE6FACE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_service_backbone:16.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F62A2144-5EF8-4319-B8C2-D7975F51E5FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11DA6839-849D-4CEF-85F3-38FE75E07183\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCE78490-A4BE-40BD-8C72-0A4526BBD4A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55AE3629-4A66-49E4-A33D-6D81CC94962F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CB39A1A-AD29-45DD-9EB5-5E2053A01B9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:19.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27C26705-6D1F-4D5E-B64D-B479108154FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F14A818F-AA16-4438-A3E4-E64C9287AC66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418\"}]}]}],\"references\":[{\"url\":\"https://github.com/FasterXML/jackson-databind/issues/2659\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2020/03/msg00027.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20200403-0002/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2021.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2020.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2020.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2021.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/FasterXML/jackson-databind/issues/2659\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2020/03/msg00027.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20200403-0002/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://lists.debian.org/debian-lts-announce/2020/03/msg00027.html\", \"name\": \"[debian-lts-announce] 20200322 [SECURITY] [DLA 2153-1] jackson-databind security update\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2020.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://github.com/FasterXML/jackson-databind/issues/2659\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20200403-0002/\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuoct2020.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2021.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuoct2021.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T11:06:11.143Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2020-10672\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-05-25T04:00:48.872316Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\"], \"vendor\": \"debian\", \"product\": \"debian_linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"8.0\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*\"], \"vendor\": \"netapp\", \"product\": \"steelstore_cloud_integrated_storage\", \"versions\": [{\"status\": \"affected\", \"version\": \"*\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*\"], \"vendor\": \"oracle\", \"product\": \"agile_plm\", \"versions\": [{\"status\": \"affected\", \"version\": \"9.3.6\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:oracle:autovue_for_agile_product_lifecycle_management:21.0.2:*:*:*:*:*:*:*\"], \"vendor\": \"oracle\", \"product\": \"autovue_for_agile_product_lifecycle_management\", \"versions\": [{\"status\": \"affected\", \"version\": \"21.0.2\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:oracle:banking_digital_experience:*:*:*:*:*:*:*:*\"], \"vendor\": \"oracle\", \"product\": \"banking_digital_experience\", \"versions\": [{\"status\": \"affected\", \"version\": \"18.1\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"18.3\"}, {\"status\": \"affected\", \"version\": \"19.1\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"19.2\"}, {\"status\": \"affected\", \"version\": \"20.1\"}, {\"status\": \"affected\", \"version\": \"2.4.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"2.9.0\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:oracle:communications_calendar_server:8.0.0.4.0:*:*:*:*:*:*:*\"], \"vendor\": \"oracle\", \"product\": \"communications_calendar_server\", \"versions\": [{\"status\": \"affected\", \"version\": \"8.0.0.4.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"8.0.0.5.0\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:oracle:communications_diameter_signaling_router:-:*:*:*:*:*:*:*\"], \"vendor\": \"oracle\", \"product\": \"communications_diameter_signaling_router\", \"versions\": [{\"status\": \"affected\", \"version\": \"8.0.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"8.2.2\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:oracle:communications_element_manager:*:*:*:*:*:*:*:*\"], \"vendor\": \"oracle\", \"product\": \"communications_element_manager\", \"versions\": [{\"status\": \"affected\", \"version\": \"8.2.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"8.2.2\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:oracle:communications_evolved_communications_application_server:7.1:*:*:*:*:*:*:*\"], \"vendor\": \"oracle\", \"product\": \"communications_evolved_communications_application_server\", \"versions\": [{\"status\": \"affected\", \"version\": \"7.1\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.4.0:*:*:*:*:*:*:*\"], \"vendor\": \"oracle\", \"product\": \"communications_instant_messaging_server\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.1.4.0\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1:*:*:*:*:*:*:*\"], \"vendor\": \"oracle\", \"product\": \"communications_network_charging_and_control\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.0.1\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.0:*:*:*:*:*:*:*\"], \"vendor\": \"oracle\", \"product\": \"communications_network_charging_and_control\", \"versions\": [{\"status\": \"affected\", \"version\": \"12.0.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"12.0.3\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:oracle:communications_session_route_manager:-:*:*:*:*:*:*:*\"], \"vendor\": \"oracle\", \"product\": \"communications_session_route_manager\", \"versions\": [{\"status\": \"affected\", \"version\": \"8.2.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"8.2.2\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3.0.0:*:*:*:*:*:*:*\"], \"vendor\": \"oracle\", \"product\": \"enterprise_manager_base_platform\", \"versions\": [{\"status\": \"affected\", \"version\": \"13.3.0.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"13.4.0.0\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.6:*:*:*:*:*:*:*\"], \"vendor\": \"oracle\", \"product\": \"financial_services_analytical_applications_infrastructure\", \"versions\": [{\"status\": \"affected\", \"version\": \"8.0.6\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"8.1.0\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.6:*:*:*:*:*:*:*\"], \"vendor\": \"oracle\", \"product\": \"financial_services_institutional_performance_analytics\", \"versions\": [{\"status\": \"affected\", \"version\": \"8.0.6\"}, {\"status\": \"affected\", \"version\": \"8.0.7\"}, {\"status\": \"affected\", \"version\": \"8.1.0\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.6:*:*:*:*:*:*:*\"], \"vendor\": \"oracle\", \"product\": \"financial_services_price_creation_and_discovery\", \"versions\": [{\"status\": \"affected\", \"version\": \"8.0.6\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"8.0.7\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:oracle:financial_services_retail_customer_analytics:8.0.6:*:*:*:*:*:*:*\"], \"vendor\": \"oracle\", \"product\": \"financial_services_retail_customer_analytics\", \"versions\": [{\"status\": \"affected\", \"version\": \"8.0.6\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:oracle:global_lifecycle_management_opatch:*:*:*:*:*:*:*:*\"], \"vendor\": \"oracle\", \"product\": \"global_lifecycle_management_opatch\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"12.2.0.1.20\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:oracle:insurance_policy_administration_j2ee:*:*:*:*:*:*:*:*\"], \"vendor\": \"oracle\", \"product\": \"insurance_policy_administration_j2ee\", \"versions\": [{\"status\": \"affected\", \"version\": \"11.0.2.25\", \"lessThan\": \"11.1.0.15\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:-:*:*:*:*:*:*:*\"], \"vendor\": \"oracle\", \"product\": \"jd_edwards_enterpriseone_orchestrator\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"9.2.4.2\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*\"], \"vendor\": \"oracle\", \"product\": \"primavera_unifier\", \"versions\": [{\"status\": \"affected\", \"version\": \"16.1\"}, {\"status\": \"affected\", \"version\": \"16.2\"}, {\"status\": \"affected\", \"version\": \"17.7\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"17.12\"}, {\"status\": \"affected\", \"version\": \"18.8\"}, {\"status\": \"affected\", \"version\": \"19.12\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:oracle:retail_merchandising_system:15.0:*:*:*:*:*:*:*\"], \"vendor\": \"oracle\", \"product\": \"retail_merchandising_system\", \"versions\": [{\"status\": \"affected\", \"version\": \"15.0\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:oracle:retail_sales_audit:14.1:*:*:*:*:*:*:*\"], \"vendor\": \"oracle\", \"product\": \"retail_sales_audit\", \"versions\": [{\"status\": \"affected\", \"version\": \"14.1\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:oracle:retail_service_backbone:*:*:*:*:*:*:*:*\"], \"vendor\": \"oracle\", \"product\": \"retail_service_backbone\", \"versions\": [{\"status\": \"affected\", \"version\": \"14.1\"}, {\"status\": \"affected\", \"version\": \"15.0\"}, {\"status\": \"affected\", \"version\": \"16.0\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0:*:*:*:*:*:*:*\"], \"vendor\": \"oracle\", \"product\": \"retail_xstore_point_of_service\", \"versions\": [{\"status\": \"affected\", \"version\": \"15.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"19.0\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:oracle:weblogic_server:*:*:*:*:*:*:*:*\"], \"vendor\": \"oracle\", \"product\": \"weblogic_server\", \"versions\": [{\"status\": \"affected\", \"version\": \"12.2.1.3.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"12.2.1.4.0\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:fasterxml:jackson-databind:2.0.0:*:*:*:*:*:*:*\"], \"vendor\": \"fasterxml\", \"product\": \"jackson-databind\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.0.0\", \"lessThan\": \"2.9.10.4\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-502\", \"description\": \"CWE-502 Deserialization of Untrusted Data\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-26T13:44:45.665Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://lists.debian.org/debian-lts-announce/2020/03/msg00027.html\", \"name\": \"[debian-lts-announce] 20200322 [SECURITY] [DLA 2153-1] jackson-databind security update\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2020.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/FasterXML/jackson-databind/issues/2659\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20200403-0002/\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuoct2020.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2021.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuoct2021.html\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms).\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2021-10-20T10:38:38\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"n/a\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://lists.debian.org/debian-lts-announce/2020/03/msg00027.html\", \"name\": \"[debian-lts-announce] 20200322 [SECURITY] [DLA 2153-1] jackson-databind security update\", \"refsource\": \"MLIST\"}, {\"url\": \"https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062\", \"name\": \"https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062\", \"refsource\": \"MISC\"}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2020.html\", \"name\": \"https://www.oracle.com/security-alerts/cpujul2020.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://github.com/FasterXML/jackson-databind/issues/2659\", \"name\": \"https://github.com/FasterXML/jackson-databind/issues/2659\", \"refsource\": \"MISC\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20200403-0002/\", \"name\": \"https://security.netapp.com/advisory/ntap-20200403-0002/\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://www.oracle.com/security-alerts/cpuoct2020.html\", \"name\": \"https://www.oracle.com/security-alerts/cpuoct2020.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2021.html\", \"name\": \"https://www.oracle.com/security-alerts/cpujan2021.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://www.oracle.com/security-alerts/cpuoct2021.html\", \"name\": \"https://www.oracle.com/security-alerts/cpuoct2021.html\", \"refsource\": \"MISC\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms).\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"n/a\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2020-10672\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"cve@mitre.org\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2020-10672\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-04T11:06:11.143Z\", \"dateReserved\": \"2020-03-18T00:00:00\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2020-03-18T21:17:43\", \"assignerShortName\": \"mitre\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

RHSA-2025:1746

Vulnerability from csaf_redhat - Published: 2025-02-24 00:08 - Updated: 2026-05-23 14:36

Summary

Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.1.9 on RHEL 7 security update

Severity

Critical

Notes

Topic: A security update is now available for Red Hat JBoss Enterprise Application Platform 7.1 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.1.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.1.9 Release Notes for information about the most significant bug fixes and enhancements included in this release. Security Fix(es): * codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS [eap-7.1.z] (CVE-2022-41881) * velocity: arbitrary code execution when attacker is able to modify templates [eap-7.1.z] (CVE-2020-13936) * jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution [eap-7.1.z] (CVE-2020-10673) * jackson-databind: Serialization gadgets in anteros-core [eap-7.1.z] (CVE-2020-9548) * jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution [eap-7.1.z] (CVE-2020-10672) * wildfly: incorrect JBOSS_LOCAL_USER challenge location may lead to giving access to all the local users [eap-7.1.z] (CVE-2021-3717) * jackson-databind: Serialization gadgets in ibatis-sqlmap [eap-7.1.z] (CVE-2020-9547) * log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) [eap-7.1.z] (CVE-2021-45046) * log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value [eap-7.1.z] (CVE-2021-44228) * jackson-databind: Serialization gadgets in shaded-hikari-config [eap-7.1.z] (CVE-2020-9546) * CXF: Apache CXF: directory listing / code exfiltration [eap-7.1.z] (CVE-2022-46363) * sshd-common: mina-sshd: Java unsafe deserialization vulnerability [eap-7.1.z] (CVE-2022-45047) * jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos [eap-7.1.z] (CVE-2022-45693) * jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS [eap-7.1.z] (CVE-2022-42003) * jackson-databind: use of deeply nested arrays [eap-7.1.z] (CVE-2022-42004) * jackson-databind: Lacks certain xbean-reflect/JNDI blocking [eap-7.1.z] (CVE-2020-8840) * snakeyaml: Constructor Deserialization Remote Code Execution [eap-7.1.z] (CVE-2022-1471) * commons-text: apache-commons-text: variable interpolation RCE [eap-7.1.z] (CVE-2022-42889) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2020-8840

A flaw was found in FasterXML jackson-databind in versions 2.0.0 through 2.9.10.2. A "gadget" exploit is possible due to a lack of a Java object being blocking from being deserialized. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-502 - Deserialization of Untrusted Data

Affected products

Fixed 20 products

Product	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix

Known not affected 17 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch		—

Threats

Impact Important

CVE-2020-9546

A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-502 - Deserialization of Untrusted Data

Affected products

Fixed 20 products

Product	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix

Known not affected 17 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch		—

Threats

Impact Important

CVE-2020-9547

A flaw was found in jackson-databind 2.x. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-502 - Deserialization of Untrusted Data

Affected products

Fixed 20 products

Product	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix

Known not affected 17 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch		—

Threats

Impact Important

CVE-2020-9548

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-502 - Deserialization of Untrusted Data

Affected products

Fixed 20 products

Product	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix

Known not affected 17 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch		—

Threats

Impact Important

CVE-2020-10672

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-96 - Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')

Affected products

Fixed 20 products

Product	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix

Known not affected 17 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch		—

Threats

Impact Important

CVE-2020-10673

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-96 - Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')

Affected products

Fixed 20 products

Product	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix

Known not affected 17 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch		—

Threats

Impact Important

CVE-2020-13936

A flaw was found in velocity. An attacker, able to modify Velocity templates, may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-94 - Improper Control of Generation of Code ('Code Injection')

Affected products

Fixed 20 products

Product	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src	—	Vendor Fix fix

Known not affected 17 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch		—

Threats

Impact Important

CVE-2021-3717

A flaw was found in Wildfly. An incorrect JBOSS_LOCAL_USER challenge location when using the elytron configuration may lead to JBOSS_LOCAL_USER access to all users on the machine. The highest threat from this vulnerability is to confidentiality, integrity, and availability.

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-552 - Files or Directories Accessible to External Parties

Affected products

Fixed 21 products

Product	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix

Known not affected 16 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src		—

Threats

Impact Moderate

CVE-2021-44228

A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.15.0. A remote attacker who can control log messages or log message parameters, can execute arbitrary code on the server via JNDI LDAP endpoint.

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-20 - Improper Input Validation

Affected products

Fixed 37 products

Product	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix Workaround

Threats

Exploit Status CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

Impact Critical

CVE-2021-45046

A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-917 - Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')

Affected products

Fixed 37 products

Product	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix Workaround

Threats

Exploit Status CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

Impact Moderate

CVE-2022-1471

A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-502 - Deserialization of Untrusted Data

Affected products

Fixed 20 products

Product	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src	—	Vendor Fix fix

Known not affected 17 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch		—

Threats

Impact Important

CVE-2022-41881

A flaw was found in codec-haproxy from the Netty project. This flaw allows an attacker to build a malformed crafted message and cause infinite recursion, causing stack exhaustion and leading to a denial of service (DoS).

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-674 - Uncontrolled Recursion

Affected products

Fixed 37 products

Product	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2022-42003

A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-502 - Deserialization of Untrusted Data

Affected products

Fixed 20 products

Product	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix

Known not affected 17 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch		—

Threats

Impact Moderate

CVE-2022-42004

A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-502 - Deserialization of Untrusted Data

Affected products

Fixed 20 products

Product	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix

Known not affected 17 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch		—

Threats

Impact Moderate

CVE-2022-42889

A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-94 - Improper Control of Generation of Code ('Code Injection')

Affected products

Fixed 37 products

Product	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix Workaround

Threats

Impact Critical

CVE-2022-45047

A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-502 - Deserialization of Untrusted Data

Affected products

Fixed 37 products

Product	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src	—	Vendor Fix fix Workaround
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix Workaround

Threats

Impact Important

CVE-2022-45693

A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-787 - Out-of-bounds Write

Affected products

Fixed 37 products

Product	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2022-46363

A vulnerability was found in Apache CXF that could allow an attacker to perform a remote directory listing or code exfiltration. This issue only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, so the issue can only occur if the CXF service is misconfigured.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-20 - Improper Input Validation

Affected products

Fixed 23 products

Product	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch	—	Vendor Fix fix

Known not affected 14 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src		—
Unresolved product id: 7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch		—

Threats

Impact Moderate

References

109 references

URL	Category
https://access.redhat.com/errata/RHSA-2025:1746	self
https://access.redhat.com/security/updates/classi…	external
https://docs.redhat.com/en/documentation/red_hat_…	external
https://docs.redhat.com/en/documentation/red_hat_…	external
https://bugzilla.redhat.com/show_bug.cgi?id=1815470	external
https://bugzilla.redhat.com/show_bug.cgi?id=1815495	external
https://bugzilla.redhat.com/show_bug.cgi?id=1816330	external
https://bugzilla.redhat.com/show_bug.cgi?id=1816332	external
https://bugzilla.redhat.com/show_bug.cgi?id=1816337	external
https://bugzilla.redhat.com/show_bug.cgi?id=1816340	external
https://bugzilla.redhat.com/show_bug.cgi?id=1937440	external
https://bugzilla.redhat.com/show_bug.cgi?id=1991305	external
https://bugzilla.redhat.com/show_bug.cgi?id=2030932	external
https://bugzilla.redhat.com/show_bug.cgi?id=2032580	external
https://bugzilla.redhat.com/show_bug.cgi?id=2135244	external
https://bugzilla.redhat.com/show_bug.cgi?id=2135247	external
https://bugzilla.redhat.com/show_bug.cgi?id=2135435	external
https://bugzilla.redhat.com/show_bug.cgi?id=2145194	external
https://bugzilla.redhat.com/show_bug.cgi?id=2150009	external
https://bugzilla.redhat.com/show_bug.cgi?id=2153379	external
https://bugzilla.redhat.com/show_bug.cgi?id=2155681	external
https://bugzilla.redhat.com/show_bug.cgi?id=2155970	external
https://issues.redhat.com/browse/JBEAP-28583	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2020-8840	self
https://bugzilla.redhat.com/show_bug.cgi?id=1816330	external
https://www.cve.org/CVERecord?id=CVE-2020-8840	external
https://nvd.nist.gov/vuln/detail/CVE-2020-8840	external
https://access.redhat.com/security/cve/CVE-2020-9546	self
https://bugzilla.redhat.com/show_bug.cgi?id=1816332	external
https://www.cve.org/CVERecord?id=CVE-2020-9546	external
https://nvd.nist.gov/vuln/detail/CVE-2020-9546	external
https://access.redhat.com/security/cve/CVE-2020-9547	self
https://bugzilla.redhat.com/show_bug.cgi?id=1816337	external
https://www.cve.org/CVERecord?id=CVE-2020-9547	external
https://nvd.nist.gov/vuln/detail/CVE-2020-9547	external
https://access.redhat.com/security/cve/CVE-2020-9548	self
https://bugzilla.redhat.com/show_bug.cgi?id=1816340	external
https://www.cve.org/CVERecord?id=CVE-2020-9548	external
https://nvd.nist.gov/vuln/detail/CVE-2020-9548	external
https://access.redhat.com/security/cve/CVE-2020-10672	self
https://bugzilla.redhat.com/show_bug.cgi?id=1815495	external
https://www.cve.org/CVERecord?id=CVE-2020-10672	external
https://nvd.nist.gov/vuln/detail/CVE-2020-10672	external
https://access.redhat.com/security/cve/CVE-2020-10673	self
https://bugzilla.redhat.com/show_bug.cgi?id=1815470	external
https://www.cve.org/CVERecord?id=CVE-2020-10673	external
https://nvd.nist.gov/vuln/detail/CVE-2020-10673	external
https://access.redhat.com/security/cve/CVE-2020-13936	self
https://bugzilla.redhat.com/show_bug.cgi?id=1937440	external
https://www.cve.org/CVERecord?id=CVE-2020-13936	external
https://nvd.nist.gov/vuln/detail/CVE-2020-13936	external
https://access.redhat.com/security/cve/CVE-2021-3717	self
https://bugzilla.redhat.com/show_bug.cgi?id=1991305	external
https://www.cve.org/CVERecord?id=CVE-2021-3717	external
https://nvd.nist.gov/vuln/detail/CVE-2021-3717	external
https://access.redhat.com/security/cve/CVE-2021-44228	self
https://bugzilla.redhat.com/show_bug.cgi?id=2030932	external
https://access.redhat.com/security/vulnerabilitie…	external
https://www.cve.org/CVERecord?id=CVE-2021-44228	external
https://nvd.nist.gov/vuln/detail/CVE-2021-44228	external
https://github.com/advisories/GHSA-jfh8-c2jp-5v3q	external
https://logging.apache.org/log4j/2.x/security.html	external
https://www.lunasec.io/docs/blog/log4j-zero-day/	external
https://www.cisa.gov/known-exploited-vulnerabilit…	external
https://access.redhat.com/security/cve/CVE-2021-45046	self
https://bugzilla.redhat.com/show_bug.cgi?id=2032580	external
https://www.cve.org/CVERecord?id=CVE-2021-45046	external
https://nvd.nist.gov/vuln/detail/CVE-2021-45046	external
https://access.redhat.com/security/cve/CVE-2021-44228	external
https://www.openwall.com/lists/oss-security/2021/…	external
https://access.redhat.com/security/cve/CVE-2022-1471	self
https://bugzilla.redhat.com/show_bug.cgi?id=2150009	external
https://www.cve.org/CVERecord?id=CVE-2022-1471	external
https://nvd.nist.gov/vuln/detail/CVE-2022-1471	external
https://github.com/google/security-research/secur…	external
https://access.redhat.com/security/cve/CVE-2022-41881	self
https://bugzilla.redhat.com/show_bug.cgi?id=2153379	external
https://www.cve.org/CVERecord?id=CVE-2022-41881	external
https://nvd.nist.gov/vuln/detail/CVE-2022-41881	external
https://access.redhat.com/security/cve/CVE-2022-42003	self
https://bugzilla.redhat.com/show_bug.cgi?id=2135244	external
https://www.cve.org/CVERecord?id=CVE-2022-42003	external
https://nvd.nist.gov/vuln/detail/CVE-2022-42003	external
https://access.redhat.com/security/cve/CVE-2022-42004	self
https://bugzilla.redhat.com/show_bug.cgi?id=2135247	external
https://www.cve.org/CVERecord?id=CVE-2022-42004	external
https://nvd.nist.gov/vuln/detail/CVE-2022-42004	external
https://access.redhat.com/security/cve/CVE-2022-42889	self
https://bugzilla.redhat.com/show_bug.cgi?id=2135435	external
https://www.cve.org/CVERecord?id=CVE-2022-42889	external
https://nvd.nist.gov/vuln/detail/CVE-2022-42889	external
https://blogs.apache.org/security/entry/cve-2022-42889	external
https://lists.apache.org/thread/n2bd4vdsgkqh2tm14…	external
https://seclists.org/oss-sec/2022/q4/22	external
https://access.redhat.com/security/cve/CVE-2022-45047	self
https://bugzilla.redhat.com/show_bug.cgi?id=2145194	external
https://www.cve.org/CVERecord?id=CVE-2022-45047	external
https://nvd.nist.gov/vuln/detail/CVE-2022-45047	external
https://www.mail-archive.com/dev@mina.apache.org/…	external
https://access.redhat.com/security/cve/CVE-2022-45693	self
https://bugzilla.redhat.com/show_bug.cgi?id=2155970	external
https://www.cve.org/CVERecord?id=CVE-2022-45693	external
https://nvd.nist.gov/vuln/detail/CVE-2022-45693	external
https://access.redhat.com/security/cve/CVE-2022-46363	self
https://bugzilla.redhat.com/show_bug.cgi?id=2155681	external
https://www.cve.org/CVERecord?id=CVE-2022-46363	external
https://nvd.nist.gov/vuln/detail/CVE-2022-46363	external
https://lists.apache.org/thread/pdzo1qgyplf4y523t…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Critical"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.1 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.1.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.1.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS [eap-7.1.z] (CVE-2022-41881)\n\n* velocity: arbitrary code execution when attacker is able to modify templates [eap-7.1.z] (CVE-2020-13936)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution [eap-7.1.z] (CVE-2020-10673)\n\n* jackson-databind: Serialization gadgets in anteros-core [eap-7.1.z] (CVE-2020-9548)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution [eap-7.1.z] (CVE-2020-10672)\n\n* wildfly: incorrect JBOSS_LOCAL_USER challenge location may lead to giving access to all the local users [eap-7.1.z] (CVE-2021-3717)\n\n* jackson-databind: Serialization gadgets in ibatis-sqlmap [eap-7.1.z] (CVE-2020-9547)\n\n* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) [eap-7.1.z] (CVE-2021-45046)\n\n* log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value [eap-7.1.z] (CVE-2021-44228)\n\n* jackson-databind: Serialization gadgets in shaded-hikari-config [eap-7.1.z] (CVE-2020-9546)\n\n* CXF: Apache CXF: directory listing / code exfiltration [eap-7.1.z] (CVE-2022-46363)\n\n* sshd-common: mina-sshd: Java unsafe deserialization vulnerability [eap-7.1.z] (CVE-2022-45047)\n\n* jettison:  If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos [eap-7.1.z] (CVE-2022-45693)\n\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS [eap-7.1.z] (CVE-2022-42003)\n\n* jackson-databind: use of deeply nested arrays [eap-7.1.z] (CVE-2022-42004)\n\n* jackson-databind: Lacks certain xbean-reflect/JNDI blocking [eap-7.1.z] (CVE-2020-8840)\n\n* snakeyaml: Constructor Deserialization Remote Code Execution [eap-7.1.z] (CVE-2022-1471)\n\n* commons-text: apache-commons-text: variable interpolation RCE [eap-7.1.z] (CVE-2022-42889)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2025:1746",
        "url": "https://access.redhat.com/errata/RHSA-2025:1746"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#critical",
        "url": "https://access.redhat.com/security/updates/classification/#critical"
      },
      {
        "category": "external",
        "summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.1",
        "url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.1"
      },
      {
        "category": "external",
        "summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.1/html-single/installation_guide/index",
        "url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.1/html-single/installation_guide/index"
      },
      {
        "category": "external",
        "summary": "1815470",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815470"
      },
      {
        "category": "external",
        "summary": "1815495",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815495"
      },
      {
        "category": "external",
        "summary": "1816330",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816330"
      },
      {
        "category": "external",
        "summary": "1816332",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816332"
      },
      {
        "category": "external",
        "summary": "1816337",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816337"
      },
      {
        "category": "external",
        "summary": "1816340",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816340"
      },
      {
        "category": "external",
        "summary": "1937440",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1937440"
      },
      {
        "category": "external",
        "summary": "1991305",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1991305"
      },
      {
        "category": "external",
        "summary": "2030932",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932"
      },
      {
        "category": "external",
        "summary": "2032580",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
      },
      {
        "category": "external",
        "summary": "2135244",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
      },
      {
        "category": "external",
        "summary": "2135247",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
      },
      {
        "category": "external",
        "summary": "2135435",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
      },
      {
        "category": "external",
        "summary": "2145194",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
      },
      {
        "category": "external",
        "summary": "2150009",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
      },
      {
        "category": "external",
        "summary": "2153379",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153379"
      },
      {
        "category": "external",
        "summary": "2155681",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681"
      },
      {
        "category": "external",
        "summary": "2155970",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
      },
      {
        "category": "external",
        "summary": "JBEAP-28583",
        "url": "https://issues.redhat.com/browse/JBEAP-28583"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_1746.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.1.9 on RHEL 7 security update",
    "tracking": {
      "current_release_date": "2026-05-23T14:36:04+00:00",
      "generator": {
        "date": "2026-05-23T14:36:04+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.1"
        }
      },
      "id": "RHSA-2025:1746",
      "initial_release_date": "2025-02-24T00:08:27+00:00",
      "revision_history": [
        {
          "date": "2025-02-24T00:08:27+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2025-02-24T00:08:27+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-05-23T14:36:04+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server",
                "product": {
                  "name": "Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server",
                  "product_id": "7Server-JBEAP-7.1-EUS",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Enterprise Application Platform"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
                "product": {
                  "name": "eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
                  "product_id": "eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-netty@4.1.63-1.Final_redhat_00002.1.ep7.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
                "product": {
                  "name": "eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
                  "product_id": "eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-snakeyaml@1.33.0-1.SP1_redhat_00001.1.ep7.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
                "product": {
                  "name": "eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
                  "product_id": "eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jettison@1.3.8-2.redhat_00002.1.ep7.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
                "product": {
                  "name": "eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
                  "product_id": "eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-apache-cxf@3.1.16-4.redhat_00003.1.ep7.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
                "product": {
                  "name": "eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
                  "product_id": "eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jackson-databind@2.8.11.6-2.SP1_redhat_00002.1.ep7.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
                "product": {
                  "name": "eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
                  "product_id": "eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-velocity@1.7.0-3.redhat_00006.1.ep7.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
                "product": {
                  "name": "eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
                  "product_id": "eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-wildfly@7.1.9-2.GA_redhat_00002.1.ep7.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
                "product": {
                  "name": "eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
                  "product_id": "eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-resteasy@3.0.27-1.Final_redhat_00001.1.ep7.el7?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
                "product": {
                  "name": "eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
                  "product_id": "eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-netty@4.1.63-1.Final_redhat_00002.1.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
                "product": {
                  "name": "eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
                  "product_id": "eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-netty-all@4.1.63-1.Final_redhat_00002.1.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
                "product": {
                  "name": "eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
                  "product_id": "eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-snakeyaml@1.33.0-1.SP1_redhat_00001.1.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
                "product": {
                  "name": "eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
                  "product_id": "eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jettison@1.3.8-2.redhat_00002.1.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
                "product": {
                  "name": "eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
                  "product_id": "eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-apache-cxf@3.1.16-4.redhat_00003.1.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
                "product": {
                  "name": "eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
                  "product_id": "eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-apache-cxf-rt@3.1.16-4.redhat_00003.1.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
                "product": {
                  "name": "eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
                  "product_id": "eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-apache-cxf-services@3.1.16-4.redhat_00003.1.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
                "product": {
                  "name": "eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
                  "product_id": "eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-apache-cxf-tools@3.1.16-4.redhat_00003.1.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
                "product": {
                  "name": "eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
                  "product_id": "eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jackson-databind@2.8.11.6-2.SP1_redhat_00002.1.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
                "product": {
                  "name": "eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
                  "product_id": "eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-velocity@1.7.0-3.redhat_00006.1.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
                "product": {
                  "name": "eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
                  "product_id": "eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-wildfly@7.1.9-2.GA_redhat_00002.1.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
                "product": {
                  "name": "eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
                  "product_id": "eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.1.9-2.GA_redhat_00002.1.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                "product": {
                  "name": "eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                  "product_id": "eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-resteasy@3.0.27-1.Final_redhat_00001.1.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                "product": {
                  "name": "eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                  "product_id": "eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-resteasy-atom-provider@3.0.27-1.Final_redhat_00001.1.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                "product": {
                  "name": "eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                  "product_id": "eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-resteasy-cdi@3.0.27-1.Final_redhat_00001.1.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                "product": {
                  "name": "eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                  "product_id": "eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-resteasy-client@3.0.27-1.Final_redhat_00001.1.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                "product": {
                  "name": "eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                  "product_id": "eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-resteasy-crypto@3.0.27-1.Final_redhat_00001.1.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                "product": {
                  "name": "eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                  "product_id": "eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-resteasy-jackson-provider@3.0.27-1.Final_redhat_00001.1.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                "product": {
                  "name": "eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                  "product_id": "eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-resteasy-jackson2-provider@3.0.27-1.Final_redhat_00001.1.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                "product": {
                  "name": "eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                  "product_id": "eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-resteasy-jaxb-provider@3.0.27-1.Final_redhat_00001.1.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                "product": {
                  "name": "eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                  "product_id": "eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-resteasy-jaxrs@3.0.27-1.Final_redhat_00001.1.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                "product": {
                  "name": "eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                  "product_id": "eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-resteasy-jettison-provider@3.0.27-1.Final_redhat_00001.1.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                "product": {
                  "name": "eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                  "product_id": "eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-resteasy-jose-jwt@3.0.27-1.Final_redhat_00001.1.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                "product": {
                  "name": "eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                  "product_id": "eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-resteasy-jsapi@3.0.27-1.Final_redhat_00001.1.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                "product": {
                  "name": "eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                  "product_id": "eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-resteasy-json-p-provider@3.0.27-1.Final_redhat_00001.1.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                "product": {
                  "name": "eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                  "product_id": "eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-resteasy-multipart-provider@3.0.27-1.Final_redhat_00001.1.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                "product": {
                  "name": "eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                  "product_id": "eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-resteasy-spring@3.0.27-1.Final_redhat_00001.1.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                "product": {
                  "name": "eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                  "product_id": "eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-resteasy-validator-provider-11@3.0.27-1.Final_redhat_00001.1.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                "product": {
                  "name": "eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                  "product_id": "eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-resteasy-yaml-provider@3.0.27-1.Final_redhat_00001.1.ep7.el7?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch"
        },
        "product_reference": "eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.1-EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src"
        },
        "product_reference": "eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-7.1-EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch"
        },
        "product_reference": "eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.1-EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch"
        },
        "product_reference": "eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.1-EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch"
        },
        "product_reference": "eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.1-EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch"
        },
        "product_reference": "eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.1-EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src"
        },
        "product_reference": "eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-7.1-EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch"
        },
        "product_reference": "eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.1-EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src"
        },
        "product_reference": "eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-7.1-EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch"
        },
        "product_reference": "eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.1-EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src"
        },
        "product_reference": "eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-7.1-EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch"
        },
        "product_reference": "eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.1-EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch"
        },
        "product_reference": "eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.1-EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src"
        },
        "product_reference": "eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-7.1-EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch"
        },
        "product_reference": "eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.1-EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch"
        },
        "product_reference": "eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.1-EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch"
        },
        "product_reference": "eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.1-EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch"
        },
        "product_reference": "eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.1-EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch"
        },
        "product_reference": "eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.1-EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch"
        },
        "product_reference": "eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.1-EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch"
        },
        "product_reference": "eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.1-EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch"
        },
        "product_reference": "eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.1-EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch"
        },
        "product_reference": "eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.1-EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch"
        },
        "product_reference": "eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.1-EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch"
        },
        "product_reference": "eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.1-EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch"
        },
        "product_reference": "eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.1-EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch"
        },
        "product_reference": "eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.1-EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch"
        },
        "product_reference": "eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.1-EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch"
        },
        "product_reference": "eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.1-EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch"
        },
        "product_reference": "eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.1-EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch"
        },
        "product_reference": "eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.1-EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src"
        },
        "product_reference": "eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-7.1-EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch"
        },
        "product_reference": "eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.1-EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src"
        },
        "product_reference": "eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-7.1-EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
        },
        "product_reference": "eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.1-EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src"
        },
        "product_reference": "eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-7.1-EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server",
          "product_id": "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
        },
        "product_reference": "eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-7.1-EUS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-8840",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2020-03-02T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1816330"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in FasterXML jackson-databind in versions 2.0.0 through 2.9.10.2. A \"gadget\" exploit is possible due to a lack of a Java object being blocking from being deserialized. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jackson-databind: Lacks certain xbean-reflect/JNDI blocking",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch"
        ],
        "known_not_affected": [
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2020-8840"
        },
        {
          "category": "external",
          "summary": "RHBZ#1816330",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816330"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2020-8840",
          "url": "https://www.cve.org/CVERecord?id=CVE-2020-8840"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8840",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8840"
        }
      ],
      "release_date": "2020-03-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-02-24T00:08:27+00:00",
          "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:1746"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jackson-databind: Lacks certain xbean-reflect/JNDI blocking"
    },
    {
      "cve": "CVE-2020-9546",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2020-03-02T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1816332"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jackson-databind: Serialization gadgets in shaded-hikari-config",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch"
        ],
        "known_not_affected": [
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2020-9546"
        },
        {
          "category": "external",
          "summary": "RHBZ#1816332",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816332"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2020-9546",
          "url": "https://www.cve.org/CVERecord?id=CVE-2020-9546"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-9546",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9546"
        }
      ],
      "release_date": "2020-03-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-02-24T00:08:27+00:00",
          "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:1746"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jackson-databind: Serialization gadgets in shaded-hikari-config"
    },
    {
      "cve": "CVE-2020-9547",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2020-03-02T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1816337"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in jackson-databind 2.x. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jackson-databind: Serialization gadgets in ibatis-sqlmap",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch"
        ],
        "known_not_affected": [
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2020-9547"
        },
        {
          "category": "external",
          "summary": "RHBZ#1816337",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816337"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2020-9547",
          "url": "https://www.cve.org/CVERecord?id=CVE-2020-9547"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-9547",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9547"
        }
      ],
      "release_date": "2020-03-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-02-24T00:08:27+00:00",
          "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:1746"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jackson-databind: Serialization gadgets in ibatis-sqlmap"
    },
    {
      "cve": "CVE-2020-9548",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2020-03-02T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1816340"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in jackson-databind 2.x. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jackson-databind: Serialization gadgets in anteros-core",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch"
        ],
        "known_not_affected": [
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2020-9548"
        },
        {
          "category": "external",
          "summary": "RHBZ#1816340",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816340"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2020-9548",
          "url": "https://www.cve.org/CVERecord?id=CVE-2020-9548"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-9548",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9548"
        }
      ],
      "release_date": "2020-03-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-02-24T00:08:27+00:00",
          "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:1746"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jackson-databind: Serialization gadgets in anteros-core"
    },
    {
      "cve": "CVE-2020-10672",
      "cwe": {
        "id": "CWE-96",
        "name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)"
      },
      "discovery_date": "2020-03-19T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1815495"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch"
        ],
        "known_not_affected": [
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2020-10672"
        },
        {
          "category": "external",
          "summary": "RHBZ#1815495",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815495"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2020-10672",
          "url": "https://www.cve.org/CVERecord?id=CVE-2020-10672"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10672",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10672"
        }
      ],
      "release_date": "2020-03-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-02-24T00:08:27+00:00",
          "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:1746"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution"
    },
    {
      "cve": "CVE-2020-10673",
      "cwe": {
        "id": "CWE-96",
        "name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)"
      },
      "discovery_date": "2020-03-19T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1815470"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time. Additionally, the gadget is not available within Red Hat Openstack Platform\u0027s OpenDaylight.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch"
        ],
        "known_not_affected": [
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2020-10673"
        },
        {
          "category": "external",
          "summary": "RHBZ#1815470",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815470"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2020-10673",
          "url": "https://www.cve.org/CVERecord?id=CVE-2020-10673"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10673",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10673"
        }
      ],
      "release_date": "2020-03-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-02-24T00:08:27+00:00",
          "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:1746"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution"
    },
    {
      "cve": "CVE-2020-13936",
      "cwe": {
        "id": "CWE-94",
        "name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
      },
      "discovery_date": "2021-03-10T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1937440"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in velocity. An attacker, able to modify Velocity templates, may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "velocity: arbitrary code execution when attacker is able to modify templates",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "OpenShift Container Platform (OCP) openshift-logging/elasticsearch6-rhel8 container does contain a vulnerable version of velocity. The references to the library only occur in the x-pack component which is an enterprise-only feature of Elasticsearch - hence it has been marked as wontfix as this time and may be fixed in a future release. Additionally the hive container only references velocity in the testutils of the code but the code still exists in the container, as such it has been given a Moderate impact.\n\n* Velocity as shipped with Red Hat Enterprise Linux 6 is not affected because it does not contain the vulnerable code.\n\n* Velocity as shipped with Red Hat Enterprise Linux 7 contains a vulnerable version, but it is used as a dependency for IdM/ipa, which does not use the vulnerable functionality. It has been marked as Moderate for this reason.\n\n* Although velocity shipped in Red Hat Enterprise Linux 8\u0027s pki-deps:10.6 for IdM/ipa is a vulnerable version, the vulnerable code is not used by pki. It has been marked as Low for this reason.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src"
        ],
        "known_not_affected": [
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2020-13936"
        },
        {
          "category": "external",
          "summary": "RHBZ#1937440",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1937440"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2020-13936",
          "url": "https://www.cve.org/CVERecord?id=CVE-2020-13936"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-13936",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13936"
        }
      ],
      "release_date": "2021-03-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-02-24T00:08:27+00:00",
          "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:1746"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "velocity: arbitrary code execution when attacker is able to modify templates"
    },
    {
      "cve": "CVE-2021-3717",
      "cwe": {
        "id": "CWE-552",
        "name": "Files or Directories Accessible to External Parties"
      },
      "discovery_date": "2021-07-27T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1991305"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Wildfly. An incorrect JBOSS_LOCAL_USER challenge location when using the elytron configuration may lead to JBOSS_LOCAL_USER access to all users on the machine. The highest threat from this vulnerability is to confidentiality, integrity, and availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "wildfly: incorrect JBOSS_LOCAL_USER challenge location may lead to giving access to all the local users",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
        ],
        "known_not_affected": [
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-3717"
        },
        {
          "category": "external",
          "summary": "RHBZ#1991305",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1991305"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3717",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-3717"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3717",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3717"
        }
      ],
      "release_date": "2021-08-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-02-24T00:08:27+00:00",
          "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:1746"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "wildfly: incorrect JBOSS_LOCAL_USER challenge location may lead to giving access to all the local users"
    },
    {
      "cve": "CVE-2021-44228",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2021-12-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2030932"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.15.0. A remote attacker who can control log messages or log message parameters, can execute arbitrary code on the server via JNDI LDAP endpoint.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue only affects log4j versions between 2.0  and 2.14.1. In order to exploit this flaw you need:\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n\nIn Red Hat OpenShift Logging the vulnerable log4j library is shipped in the Elasticsearch components. Because Elasticsearch is not susceptible to remote code execution with this vulnerability due to use of the Java Security Manager and because access to these components is limited, the impact by this vulnerability is reduced to Moderate.\n\nAs per upstream applications using Log4j 1.x may be impacted by this flaw if their configuration uses JNDI. However, the risk is much lower. This flaw in Log4j 1.x is tracked via https://access.redhat.com/security/cve/CVE-2021-4104 and has been rated as having Moderate security impact.\n\nCodeReady Studio version 12.21.1 was released containing a fix for this vulnerability.\n\nThe following products are NOT affected by this flaw and have been explicitly listed here for the benefit of our customers.\n- Red Hat Enterprise Linux\n- Red Hat Advanced Cluster Management for Kubernetes \n- Red Hat Advanced Cluster Security for Kubernetes\n- Red Hat Ansible Automation Platform (Engine and Tower)\n- Red Hat Certificate System\n- Red Hat Directory Server\n- Red Hat Identity Management\n- Red Hat CloudForms \n- Red Hat Update Infrastructure\n- Red Hat Satellite\n- Red Hat Ceph Storage\n- Red Hat Gluster Storage\n- Red Hat OpenShift Data Foundation\n- Red Hat OpenStack Platform\n- Red Hat Virtualization\n- Red Hat Single Sign-On\n- Red Hat 3scale API Management",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-44228"
        },
        {
          "category": "external",
          "summary": "RHBZ#2030932",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932"
        },
        {
          "category": "external",
          "summary": "RHSB-2021-009",
          "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44228",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228"
        },
        {
          "category": "external",
          "summary": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q",
          "url": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q"
        },
        {
          "category": "external",
          "summary": "https://logging.apache.org/log4j/2.x/security.html",
          "url": "https://logging.apache.org/log4j/2.x/security.html"
        },
        {
          "category": "external",
          "summary": "https://www.lunasec.io/docs/blog/log4j-zero-day/",
          "url": "https://www.lunasec.io/docs/blog/log4j-zero-day/"
        },
        {
          "category": "external",
          "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
          "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        }
      ],
      "release_date": "2021-12-10T02:01:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-02-24T00:08:27+00:00",
          "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:1746"
        },
        {
          "category": "workaround",
          "details": "For Log4j versions \u003e=2.10\nset the system property log4j2.formatMsgNoLookups or the environment variable LOG4J_FORMAT_MSG_NO_LOOKUPS to true\n\nFor Log4j versions \u003e=2.7 and \u003c=2.14.1\nall PatternLayout patterns can be modified to specify the message converter as %m{nolookups} instead of just %m\n\nFor Log4j versions \u003e=2.0-beta9 and \u003c=2.10.0\nremove the JndiLookup class from the classpath. For example: \n```\nzip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class\n```\n\nOn OpenShift 4 and in OpenShift Logging, the above mitigation can be applied by following the steps in this article: https://access.redhat.com/solutions/6578421\n\nOn OpenShift 3.11, mitigation to the affected Elasticsearch component can be applied by following the steps in this article: https://access.redhat.com/solutions/6578441",
          "product_ids": [
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "exploit_status",
          "date": "2021-12-10T00:00:00+00:00",
          "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        },
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value"
    },
    {
      "cve": "CVE-2021-45046",
      "cwe": {
        "id": "CWE-917",
        "name": "Improper Neutralization of Special Elements used in an Expression Language Statement (\u0027Expression Language Injection\u0027)"
      },
      "discovery_date": "2021-12-14T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2032580"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Although we have matched Apache\u0027s CVSS score, with the exception of the scope metric which will remain unaltered at \"unchanged\"; as we believe code execution would be at the permission levels of the running JVM and not exceeding that of the original CVE-2021-44228 flaw.\n \nWe have given this vulnerability an impact rating of Moderate, this is because of the unlikely nature of log4j lookup mapping values being derived from attacker controlled values. This is not the default configuration for end-applications using log4j 2.x and would require explicit action from a privileged user (a developer or administrator) to access the vulnerability. \nIn certain non-default configurations, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was insufficient.\n\nThis issue affects the log4j version between 2.0 and 2.15. Log4j 1.x is NOT impacted by this vulnerability. \n\nPrerequisites to exploit this flaw are :\n\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n- Log4j configuration file should be explicitly configured to use a non-default Pattern Layout with a Context Lookup eg. ($${ctx:loginId}) \n\nIn most cases, the mitigation suggested for CVE-2021-44228 (i.e. to set the system property `log4j2.noFormatMsgLookup` to `true) does NOT mitigate this specific vulnerability. \nLog4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFor Elasticsearch, as shipped in OpenShift 3.11, the \"log4j2.formatMsgNoLookups=true\" system property mitigation is sufficient as there are no included non-standard configurations that allow for exploitation:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nFor CodeReady Studio the fix for this flaw is available on CodeReady Studio 12.21.3 and above versions.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-45046"
        },
        {
          "category": "external",
          "summary": "RHBZ#2032580",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-45046",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/security/cve/CVE-2021-44228",
          "url": "https://access.redhat.com/security/cve/CVE-2021-44228"
        },
        {
          "category": "external",
          "summary": "https://logging.apache.org/log4j/2.x/security.html",
          "url": "https://logging.apache.org/log4j/2.x/security.html"
        },
        {
          "category": "external",
          "summary": "https://www.openwall.com/lists/oss-security/2021/12/14/4",
          "url": "https://www.openwall.com/lists/oss-security/2021/12/14/4"
        },
        {
          "category": "external",
          "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
          "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        }
      ],
      "release_date": "2021-12-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-02-24T00:08:27+00:00",
          "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:1746"
        },
        {
          "category": "workaround",
          "details": "For Log4j versions up to and including 2.15.0, this issue can be mitigated by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).",
          "product_ids": [
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "exploit_status",
          "date": "2023-05-01T00:00:00+00:00",
          "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        },
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)"
    },
    {
      "cve": "CVE-2022-1471",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2022-12-01T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2150009"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "SnakeYaml: Constructor Deserialization Remote Code Execution",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "In the Red Hat Process Automation 7 (RHPAM) the untrusted, malicious YAML file for deserialization by the vulnerable Snakeyaml\u0027s SafeConstructor class must be provided intentionally by the RHPAM user which requires high privileges. The potential attack complexity is also high because it depends on conditions that are beyond the attacker\u0027s control. Due to that the impact for RHPAM is reduced to Low.\n\nRed Hat Fuse 7 does not expose by default any endpoint that passes incoming data/request into vulnerable Snakeyaml\u0027s Constructor class nor pass untrusted data to this class. When this class is used, it\u2019s still only used to parse internal configuration, hence the impact by this vulnerability to Red Hat Fuse 7 is reduced to Moderate.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src"
        ],
        "known_not_affected": [
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-1471"
        },
        {
          "category": "external",
          "summary": "RHBZ#2150009",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-1471",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471"
        },
        {
          "category": "external",
          "summary": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2",
          "url": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2"
        }
      ],
      "release_date": "2022-10-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-02-24T00:08:27+00:00",
          "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:1746"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "SnakeYaml: Constructor Deserialization Remote Code Execution"
    },
    {
      "cve": "CVE-2022-41881",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "discovery_date": "2022-12-14T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2153379"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in codec-haproxy from the Netty project. This flaw allows an attacker to build a malformed crafted message and cause infinite recursion, causing stack exhaustion and leading to a denial of service (DoS).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-41881"
        },
        {
          "category": "external",
          "summary": "RHBZ#2153379",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153379"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-41881",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-41881"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41881",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41881"
        }
      ],
      "release_date": "2022-12-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-02-24T00:08:27+00:00",
          "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:1746"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS"
    },
    {
      "cve": "CVE-2022-42003",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2022-10-17T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2135244"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch"
        ],
        "known_not_affected": [
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-42003"
        },
        {
          "category": "external",
          "summary": "RHBZ#2135244",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
        }
      ],
      "release_date": "2022-10-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-02-24T00:08:27+00:00",
          "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:1746"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
    },
    {
      "cve": "CVE-2022-42004",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2022-10-17T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2135247"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jackson-databind: use of deeply nested arrays",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch"
        ],
        "known_not_affected": [
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-42004"
        },
        {
          "category": "external",
          "summary": "RHBZ#2135247",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
        }
      ],
      "release_date": "2022-10-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-02-24T00:08:27+00:00",
          "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:1746"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "jackson-databind: use of deeply nested arrays"
    },
    {
      "cve": "CVE-2022-42889",
      "cwe": {
        "id": "CWE-94",
        "name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
      },
      "discovery_date": "2022-10-15T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2135435"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Apache Commons Text packages 1.5 through 1.9.  The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "apache-commons-text: variable interpolation RCE",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "In order to carry successful exploitation of this vulnerability, the following conditions must be in place on the affected target:\n  - Usage of specific methods that interpolate the variables as described in the flaw\n  - Usage of external input for those methods\n  - Usage of that external input has to be unsanitized/no \"allow list\"/etc.\n\nThe following products have *Low* impact because they have maven references to the affected package but do not ship it nor use the code:\n- Red Hat EAP Expansion Pack (EAP-XP)\n- Red Hat Camel-K\n- Red Hat Camel-Quarkus\n\nRed Hat Satellite ships Candlepin that embeds Apache Commons Text, however, it is not vulnerable to the flaw since the library has not been exposed in the product code. In Candlepin, the Commons Text is being pulled for the Liquibase and ActiveMQ Artemis libraries as a dependency. Red Hat Product Security has evaluated and rated the impact of the flaw as Low for Satellite since there was no harm identified to the confidentiality, integrity, or availability of systems.\n\n- The OCP has a *Moderate* impact because the affected library is a third-party library in the OCP jenkins-2-plugin component which reduces the possibilities of successful exploitation.\n- The OCP-4.8 is affected by this CVE and is in an extended life phase. For versions of products in the Extended Life Phase, Red Hat will provide limited ongoing technical support. No bug fixes, security fixes, hardware enablement or root-cause analysis will be available during this phase, and support will be provided on existing installations only.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-42889"
        },
        {
          "category": "external",
          "summary": "RHBZ#2135435",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-42889",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-42889"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889"
        },
        {
          "category": "external",
          "summary": "https://blogs.apache.org/security/entry/cve-2022-42889",
          "url": "https://blogs.apache.org/security/entry/cve-2022-42889"
        },
        {
          "category": "external",
          "summary": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om",
          "url": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om"
        },
        {
          "category": "external",
          "summary": "https://seclists.org/oss-sec/2022/q4/22",
          "url": "https://seclists.org/oss-sec/2022/q4/22"
        }
      ],
      "release_date": "2022-10-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-02-24T00:08:27+00:00",
          "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:1746"
        },
        {
          "category": "workaround",
          "details": "This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.",
          "product_ids": [
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "apache-commons-text: variable interpolation RCE"
    },
    {
      "cve": "CVE-2022-45047",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2022-11-23T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2145194"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "mina-sshd: Java unsafe deserialization vulnerability",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-45047"
        },
        {
          "category": "external",
          "summary": "RHBZ#2145194",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047"
        },
        {
          "category": "external",
          "summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
          "url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
        }
      ],
      "release_date": "2022-11-16T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-02-24T00:08:27+00:00",
          "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:1746"
        },
        {
          "category": "workaround",
          "details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).",
          "product_ids": [
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "mina-sshd: Java unsafe deserialization vulnerability"
    },
    {
      "cve": "CVE-2022-45693",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "discovery_date": "2022-12-23T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2155970"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat has determined the impact of this flaw to be Moderate; a successful attack using this flaw would require the processing of untrusted, unsanitized, or unrestricted user inputs, which runs counter to established Red Hat security practices.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-45693"
        },
        {
          "category": "external",
          "summary": "RHBZ#2155970",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-45693",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-45693"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693"
        }
      ],
      "release_date": "2022-12-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-02-24T00:08:27+00:00",
          "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:1746"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos"
    },
    {
      "cve": "CVE-2022-46363",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2022-12-21T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2155681"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in Apache CXF that could allow an attacker to perform a remote directory listing or code exfiltration. This issue only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, so the issue can only occur if the CXF service is misconfigured.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "CXF: directory listing / code exfiltration",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch"
        ],
        "known_not_affected": [
          "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
          "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-46363"
        },
        {
          "category": "external",
          "summary": "RHBZ#2155681",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-46363",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-46363"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363"
        },
        {
          "category": "external",
          "summary": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c",
          "url": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c"
        }
      ],
      "release_date": "2022-12-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-02-24T00:08:27+00:00",
          "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:1746"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-4.redhat_00003.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-4.redhat_00003.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-2.SP1_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-jettison-0:1.3.8-2.redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-netty-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-netty-all-0:4.1.63-1.Final_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-atom-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-cdi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-client-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-crypto-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jackson2-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxb-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jaxrs-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jettison-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jose-jwt-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-jsapi-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-json-p-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-multipart-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-spring-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-validator-provider-11-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-resteasy-yaml-provider-0:3.0.27-1.Final_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-snakeyaml-0:1.33.0-1.SP1_redhat_00001.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-velocity-0:1.7.0-3.redhat_00006.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.src",
            "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.9-2.GA_redhat_00002.1.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "CXF: directory listing / code exfiltration"
    }
  ]
}

VAR-202003-1779

Vulnerability from variot - Updated: 2026-04-10 23:35

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms). FasterXML Jackson is a data processing tool for Java developed by American FasterXML Company. jackson-databind is one of the components with data binding function. A security vulnerability exists in FasterXML jackson-databind 2.x prior to 2.9.10.4 due to insecure deserialization by org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aries.transaction.jms) . A remote attacker could exploit this vulnerability with specially crafted input to execute arbitrary code on the system. Description:

Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model & Notation (DMN) execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that logic available to the entire business. Summary:

This is a security update for JBoss EAP Continuous Delivery 19. The purpose of this text-only errata is to inform you about the security issues fixed in this release.

Security Fix(es):

netty (CVE-2016-4970 CVE-2020-7238 CVE-2019-20444 CVE-2019-20445)
dom4j (CVE-2018-1000632)
elasticsearch (CVE-2018-3831)
pdfbox (CVE-2018-11797)
vertx (CVE-2018-12541)
spring-data-jpa (CVE-2019-3797)
mina-core (CVE-2019-0231)
jackson-databind (CVE-2019-12086 CVE-2019-16335 CVE-2019-14540 CVE-2019-17267 CVE-2019-14892 CVE-2019-14893 CVE-2019-16942 CVE-2019-16943 CVE-2019-17531 CVE-2019-20330 CVE-2020-10673 CVE-2020-10672 CVE-2020-8840 CVE-2020-9546 CVE-2020-9547 CVE-2020-9548 CVE-2020-10968 CVE-2020-10969 CVE-2020-11111 CVE-2020-11112 CVE-2020-11113 CVE-2020-11620 CVE-2020-11619 CVE-2020-14195 CVE-2020-14060 CVE-2020-14061 CVE-2020-14062)
jackson-mapper-asl (CVE-2019-10172)
hawtio (CVE-2019-9827)
undertow (CVE-2019-9511 CVE-2020-1757 CVE-2019-14888 CVE-2020-1745)
santuario (CVE-2019-12400)
apache-commons-beanutils (CVE-2019-10086)
cxf (CVE-2019-17573)
apache-commons-configuration (CVE-2020-1953)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Installation instructions are available from the Fuse 7.7.0 product documentation page: https://access.redhat.com/documentation/en-us/red_hat_fuse/7.7/

Bugs fixed (https://bugzilla.redhat.com/):

1343616 - CVE-2016-4970 netty: Infinite loop vulnerability when handling renegotiation using SslProvider.OpenSsl 1620529 - CVE-2018-1000632 dom4j: XML Injection in Class: Element. Methods: addElement, addAttribute which can impact the integrity of XML documents 1632452 - CVE-2018-3831 elasticsearch: Information exposure via _cluster/settings API 1637492 - CVE-2018-11797 pdfbox: unbounded computation in parser resulting in a denial of service 1638391 - CVE-2018-12541 vertx: WebSocket HTTP upgrade implementation holds the entire http request in memory before the handshake 1697598 - CVE-2019-3797 spring-data-jpa: Additional information exposure with Spring Data JPA derived queries 1700016 - CVE-2019-0231 mina-core: Retaining an open socket in close_notify SSL-TLS leading to Information disclosure. 1713468 - CVE-2019-12086 jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256

====================================================================
Red Hat Security Advisory

Synopsis: Important: Red Hat JBoss Enterprise Application Platform 7.3.2 security update Advisory ID: RHSA-2020:3463-01 Product: Red Hat JBoss Enterprise Application Platform Advisory URL: https://access.redhat.com/errata/RHSA-2020:3463 Issue date: 2020-08-17 CVE Names: CVE-2019-14900 CVE-2020-1710 CVE-2020-1748 CVE-2020-10672 CVE-2020-10673 CVE-2020-10683 CVE-2020-10687 CVE-2020-10693 CVE-2020-10714 CVE-2020-10718 CVE-2020-10740 CVE-2020-14297 ==================================================================== 1. Summary:

An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Relevant releases/architectures:

Red Hat JBoss EAP 7.3 for BaseOS-8 - noarch

Description:

Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.

This release of Red Hat JBoss Enterprise Application Platform 7.3.2 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.1 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.2 Release Notes for information about the most significant bug fixes and enhancements included in this release.

Security Fix(es):

wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API (CVE-2020-10718)
dom4j: XML External Entity vulnerability in default SAX parser (CVE-2020-10683)
wildfly-elytron: session fixation when using FORM authentication (CVE-2020-10714)
wildfly-undertow: Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests (CVE-2020-10687)
jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10673)
hibernate-core: hibernate: SQL injection issue in Hibernate ORM (CVE-2019-14900)
wildfly: unsafe deserialization in Wildfly Enterprise Java Beans (CVE-2020-10740)
jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10672)
undertow: EAP: field-name is not parsed in accordance to RFC7230 (CVE-2020-1710)
hibernate-validator: Improper input validation in the interpolation of constraint error messages (CVE-2020-10693)
wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain (CVE-2020-1748)
wildfly: Some EJB transaction objects may get accumulated causing Denial of Service (CVE-2020-14297)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.

Solution:

Before applying this update, ensure all previously released errata relevant to your system have been applied.

For details about how to apply this update, see:

https://access.redhat.com/articles/11258

Bugs fixed (https://bugzilla.redhat.com/):

1666499 - CVE-2019-14900 hibernate: SQL injection issue in Hibernate ORM 1694235 - CVE-2020-10683 dom4j: XML External Entity vulnerability in default SAX parser 1785049 - CVE-2020-10687 Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests 1793970 - CVE-2020-1710 EAP: field-name is not parsed in accordance to RFC7230 1805501 - CVE-2020-10693 hibernate-validator: Improper input validation in the interpolation of constraint error messages 1807707 - CVE-2020-1748 Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain 1815470 - CVE-2020-10673 jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution 1815495 - CVE-2020-10672 jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution 1825714 - CVE-2020-10714 wildfly-elytron: session fixation when using FORM authentication 1828476 - CVE-2020-10718 wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API 1834512 - CVE-2020-10740 wildfly: unsafe deserialization in Wildfly Enterprise Java Beans 1853595 - CVE-2020-14297 wildfly: Some EJB transaction objects may get accumulated causing Denial of Service

JIRA issues fixed (https://issues.jboss.org/):

JBEAP-18793 - GSS Upgrade Hibernate ORM from 5.3.16 to 5.3.17 JBEAP-19095 - GSS Upgrade wildfly-http-client from 1.0.20 to 1.0.21 JBEAP-19134 - (7.3.z) Upgrade HAL from 3.2.8.Final-redhat-00001 to 3.2.9.Final JBEAP-19185 - (7.3.z) Upgrade IronJacamar from 1.4.20.Final to 1.4.22.Final JBEAP-19203 - (7.3.z) WFCORE-4850 - Updating mockserver to 5.9.0. Exclusion of dependency from xom.io7m JBEAP-19205 - (7.3.z) Upgrade WildFly Core from 10.1.5.Final-redhat-00001 to 10.1.x JBEAP-19269 - GSS Upgrade jboss-logmanager from 2.1.14.Final to 2.1.15.Final JBEAP-19322 - (7.3.z) Upgrade XNIO from 3.7.7 to 3.7.8.SP1 JBEAP-19325 - (7.3.z) Upgrade Infinispan from 9.4.18.Final-redhat-00001 to 9.4.19.Final-redhat-00001 JBEAP-19397 - (7.3.z) Upgrade JSF based on Mojarra 2.3.9.SP09-redhat-00001 to 2.3.9.SP11-redhat-00001 JBEAP-19410 - Tracker bug for the EAP 7.3.2 release for RHEL-7 JBEAP-19411 - Tracker bug for the EAP 7.3.2 release for RHEL-8 JBEAP-19529 - (7.3.z) Update PR template to include PR-processor hints. JBEAP-19564 - GSS Upgrade jboss-ejb-client from 4.0.31.Final-redhat-00001 to 4.0.33.Final-redhat-00001 JBEAP-19585 - GSS Upgrade org.jboss.genericjms from 2.0.4 to 2.0.6 JBEAP-19617 - (7.3.z) Upgrade wildfly-naming-client from 1.0.12.Final-redhat-00001 to 1.0.13.Final-redhat-00001 JBEAP-19619 - (7.3.z) Upgrade JBoss JSF API from 3.0.0.SP02-redhat-00001 to 3.0.0.SP04-redhat-00001 JBEAP-19673 - (7.3.z) [WFCORE] Upgrade WildFly Common to 1.5.2.Final JBEAP-19674 - (7.3.z) [WFCORE] Upgrade galleon and wildfly-galleon-plugins from 4.1.2.Final to 4.2.4.Final JBEAP-19874 - GSS Upgrade wildfly-http-client from 1.0.21.Final-redhat-00001 to 1.0.22.Final-redhat-00001

Package List:

Red Hat JBoss EAP 7.3 for BaseOS-8:

Source: eap7-dom4j-2.1.3-1.redhat_00001.1.el8eap.src.rpm eap7-elytron-web-1.6.2-1.Final_redhat_00001.1.el8eap.src.rpm eap7-glassfish-jsf-2.3.9-11.SP11_redhat_00001.1.el8eap.src.rpm eap7-hal-console-3.2.9-1.Final_redhat_00001.1.el8eap.src.rpm eap7-hibernate-5.3.17-1.Final_redhat_00001.1.el8eap.src.rpm eap7-hibernate-validator-6.0.20-1.Final_redhat_00001.1.el8eap.src.rpm eap7-infinispan-9.4.19-1.Final_redhat_00001.1.el8eap.src.rpm eap7-ironjacamar-1.4.22-1.Final_redhat_00001.1.el8eap.src.rpm eap7-jackson-annotations-2.10.4-1.redhat_00001.1.el8eap.src.rpm eap7-jackson-core-2.10.4-1.redhat_00001.1.el8eap.src.rpm eap7-jackson-databind-2.10.4-1.redhat_00001.1.el8eap.src.rpm eap7-jackson-jaxrs-providers-2.10.4-1.redhat_00001.1.el8eap.src.rpm eap7-jackson-modules-base-2.10.4-1.redhat_00001.1.el8eap.src.rpm eap7-jackson-modules-java8-2.10.4-1.redhat_00001.1.el8eap.src.rpm eap7-jboss-genericjms-2.0.6-1.Final_redhat_00001.1.el8eap.src.rpm eap7-jboss-jsf-api_2.3_spec-3.0.0-4.SP04_redhat_00001.1.el8eap.src.rpm eap7-jboss-logmanager-2.1.15-1.Final_redhat_00001.1.el8eap.src.rpm eap7-jboss-server-migration-1.7.1-7.Final_redhat_00009.1.el8eap.src.rpm eap7-jboss-xnio-base-3.7.8-1.SP1_redhat_00001.1.el8eap.src.rpm eap7-netty-4.1.48-1.Final_redhat_00001.1.el8eap.src.rpm eap7-undertow-2.0.30-4.SP4_redhat_00001.1.el8eap.src.rpm eap7-wildfly-7.3.2-4.GA_redhat_00002.1.el8eap.src.rpm eap7-wildfly-common-1.5.2-1.Final_redhat_00002.1.el8eap.src.rpm eap7-wildfly-elytron-1.10.7-1.Final_redhat_00001.1.el8eap.src.rpm eap7-wildfly-http-client-1.0.22-1.Final_redhat_00001.1.el8eap.src.rpm

noarch: eap7-dom4j-2.1.3-1.redhat_00001.1.el8eap.noarch.rpm eap7-glassfish-jsf-2.3.9-11.SP11_redhat_00001.1.el8eap.noarch.rpm eap7-hal-console-3.2.9-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-hibernate-5.3.17-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-hibernate-core-5.3.17-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-hibernate-entitymanager-5.3.17-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-hibernate-envers-5.3.17-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-hibernate-java8-5.3.17-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-hibernate-validator-6.0.20-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-hibernate-validator-cdi-6.0.20-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-infinispan-9.4.19-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-infinispan-cachestore-jdbc-9.4.19-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-infinispan-cachestore-remote-9.4.19-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-infinispan-client-hotrod-9.4.19-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-infinispan-commons-9.4.19-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-infinispan-core-9.4.19-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-infinispan-hibernate-cache-commons-9.4.19-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-infinispan-hibernate-cache-spi-9.4.19-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-infinispan-hibernate-cache-v53-9.4.19-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-ironjacamar-1.4.22-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-ironjacamar-common-api-1.4.22-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-ironjacamar-common-impl-1.4.22-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-ironjacamar-common-spi-1.4.22-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-ironjacamar-core-api-1.4.22-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-ironjacamar-core-impl-1.4.22-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-ironjacamar-deployers-common-1.4.22-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-ironjacamar-jdbc-1.4.22-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-ironjacamar-validator-1.4.22-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-jackson-annotations-2.10.4-1.redhat_00001.1.el8eap.noarch.rpm eap7-jackson-core-2.10.4-1.redhat_00001.1.el8eap.noarch.rpm eap7-jackson-databind-2.10.4-1.redhat_00001.1.el8eap.noarch.rpm eap7-jackson-datatype-jdk8-2.10.4-1.redhat_00001.1.el8eap.noarch.rpm eap7-jackson-datatype-jsr310-2.10.4-1.redhat_00001.1.el8eap.noarch.rpm eap7-jackson-jaxrs-base-2.10.4-1.redhat_00001.1.el8eap.noarch.rpm eap7-jackson-jaxrs-json-provider-2.10.4-1.redhat_00001.1.el8eap.noarch.rpm eap7-jackson-module-jaxb-annotations-2.10.4-1.redhat_00001.1.el8eap.noarch.rpm eap7-jackson-modules-base-2.10.4-1.redhat_00001.1.el8eap.noarch.rpm eap7-jackson-modules-java8-2.10.4-1.redhat_00001.1.el8eap.noarch.rpm eap7-jboss-genericjms-2.0.6-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-jboss-jsf-api_2.3_spec-3.0.0-4.SP04_redhat_00001.1.el8eap.noarch.rpm eap7-jboss-logmanager-2.1.15-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-jboss-server-migration-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm eap7-jboss-server-migration-cli-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm eap7-jboss-server-migration-core-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm eap7-jboss-server-migration-eap6.4-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm eap7-jboss-server-migration-eap6.4-to-eap7.3-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm eap7-jboss-server-migration-eap7.0-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm eap7-jboss-server-migration-eap7.1-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm eap7-jboss-server-migration-eap7.2-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm eap7-jboss-server-migration-eap7.2-to-eap7.3-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm eap7-jboss-server-migration-eap7.3-server-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm eap7-jboss-server-migration-wildfly10.0-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm eap7-jboss-server-migration-wildfly10.1-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm eap7-jboss-server-migration-wildfly11.0-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm eap7-jboss-server-migration-wildfly12.0-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm eap7-jboss-server-migration-wildfly13.0-server-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm eap7-jboss-server-migration-wildfly14.0-server-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm eap7-jboss-server-migration-wildfly15.0-server-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm eap7-jboss-server-migration-wildfly16.0-server-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm eap7-jboss-server-migration-wildfly17.0-server-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm eap7-jboss-server-migration-wildfly18.0-server-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm eap7-jboss-server-migration-wildfly8.2-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm eap7-jboss-server-migration-wildfly9.0-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm eap7-jboss-xnio-base-3.7.8-1.SP1_redhat_00001.1.el8eap.noarch.rpm eap7-netty-4.1.48-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-netty-all-4.1.48-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-undertow-2.0.30-4.SP4_redhat_00001.1.el8eap.noarch.rpm eap7-undertow-server-1.6.2-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-wildfly-7.3.2-4.GA_redhat_00002.1.el8eap.noarch.rpm eap7-wildfly-common-1.5.2-1.Final_redhat_00002.1.el8eap.noarch.rpm eap7-wildfly-elytron-1.10.7-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-wildfly-elytron-tool-1.10.7-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-wildfly-http-client-common-1.0.22-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-wildfly-http-ejb-client-1.0.22-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-wildfly-http-naming-client-1.0.22-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-wildfly-http-transaction-client-1.0.22-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-wildfly-javadocs-7.3.2-4.GA_redhat_00002.1.el8eap.noarch.rpm eap7-wildfly-modules-7.3.2-4.GA_redhat_00002.1.el8eap.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

References:

https://access.redhat.com/security/cve/CVE-2019-14900 https://access.redhat.com/security/cve/CVE-2020-1710 https://access.redhat.com/security/cve/CVE-2020-1748 https://access.redhat.com/security/cve/CVE-2020-10672 https://access.redhat.com/security/cve/CVE-2020-10673 https://access.redhat.com/security/cve/CVE-2020-10683 https://access.redhat.com/security/cve/CVE-2020-10687 https://access.redhat.com/security/cve/CVE-2020-10693 https://access.redhat.com/security/cve/CVE-2020-10714 https://access.redhat.com/security/cve/CVE-2020-10718 https://access.redhat.com/security/cve/CVE-2020-10740 https://access.redhat.com/security/cve/CVE-2020-14297 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/ https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/

Contact:

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

iQIVAwUBXzqIgdzjgjWX9erEAQhAaw//ceEP1X/GXLqWVwEDOZhjR4akb8iOZC4P H8bYYEtAq7LHOTzfor0D1PsShzOfF6UjhpRYYhaFZN80Fs3cc27Pqk5MnF4qfdAf FnzZ/ze5jlclBPK+eSmGPvYCeuMK9EF+fRETRUOj0rdu3M1CLYUV1LNxOZk48Uen KRWbBEW8BzuYYUf+24ly76siqTZCW5oI+ZsMhuUqyUwxzu61uDL0nMYnOS+WZPL0 xBafLiCZ1xc0pykIuqzqHPy+cvxCqkyXDJ5cOV16jeXhp5lNB0yk0LzQnck/+wKc RJtl/ySiuUUXH/p5FY9tAphgqvA7Plh0SpsvF0/UUsQIeqoZzx2Xr295OFUSOb26 rebOBTDbky9zFWFXtRvnSo4cadQhYgemOkkKuX9NaQemyBRitvIjk0ZOw0cOtXdW 5UecnSYFC5U46VzSNmPosuTkodyA20GJDxFX9v/iRP8wbsG0IpJz/1G1DMSk1+ba oOtpxQxzuCOqhEVubkfgt0BbU4XgbYzBkKnfxfSaNVDpCCi1hCnHPC6gWR//jbP2 qEy5MmbO8Sksn16fDgBTQ/g8YATe6pa7Q5DnIe+l+0thzm8kf3l9TG+YRKjoxtSV FwlVApI2o6Ebse7EPr96Ior5xMirxVML2rKgzQc7cG2s7gXvQ2NVkC0vCGdmGUGc zQFgGc2abfE=qmbe -----END PGP SIGNATURE-----

-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .

The References section of this erratum contains a download link (you must log in to download the update).

The JBoss server process must be restarted for the update to take effect

Show details on source website

JSON

To clipboard

{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "communications contacts server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.0.0.4.0"
      },
      {
        "_id": null,
        "model": "communications network charging and control",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.0.3"
      },
      {
        "_id": null,
        "model": "communications session route manager",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.2.0"
      },
      {
        "_id": null,
        "model": "financial services analytical applications infrastructure",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.0.6"
      },
      {
        "_id": null,
        "model": "primavera unifier",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "17.12"
      },
      {
        "_id": null,
        "model": "primavera unifier",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "16.1"
      },
      {
        "_id": null,
        "model": "retail xstore point of service",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "15.0"
      },
      {
        "_id": null,
        "model": "financial services analytical applications infrastructure",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.1.0"
      },
      {
        "_id": null,
        "model": "jd edwards enterpriseone tools",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "9.2.4.2"
      },
      {
        "_id": null,
        "model": "communications evolved communications application server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "7.1"
      },
      {
        "_id": null,
        "model": "communications session route manager",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.2.2"
      },
      {
        "_id": null,
        "model": "retail sales audit",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "14.1"
      },
      {
        "_id": null,
        "model": "retail xstore point of service",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "19.0"
      },
      {
        "_id": null,
        "model": "retail xstore point of service",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "18.0"
      },
      {
        "_id": null,
        "model": "financial services institutional performance analytics",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.0.6"
      },
      {
        "_id": null,
        "model": "insurance policy administration j2ee",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "11.1.0.15"
      },
      {
        "_id": null,
        "model": "banking digital experience",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "18.1"
      },
      {
        "_id": null,
        "model": "global lifecycle management opatch",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.0.1.20"
      },
      {
        "_id": null,
        "model": "retail merchandising system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "15.0"
      },
      {
        "_id": null,
        "model": "financial services price creation and discovery",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.0.7"
      },
      {
        "_id": null,
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "debian",
        "version": "8.0"
      },
      {
        "_id": null,
        "model": "banking platform",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "2.9.0"
      },
      {
        "_id": null,
        "model": "banking digital experience",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "20.1"
      },
      {
        "_id": null,
        "model": "jackson-databind",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "fasterxml",
        "version": "2.9.10.4"
      },
      {
        "_id": null,
        "model": "communications session report manager",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.2.0"
      },
      {
        "_id": null,
        "model": "communications instant messaging server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "10.0.1.4.0"
      },
      {
        "_id": null,
        "model": "banking digital experience",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "18.2"
      },
      {
        "_id": null,
        "model": "steelstore cloud integrated storage",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "_id": null,
        "model": "communications session report manager",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.2.2"
      },
      {
        "_id": null,
        "model": "jd edwards enterpriseone orchestrator",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "9.2.4.2"
      },
      {
        "_id": null,
        "model": "primavera unifier",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "16.2"
      },
      {
        "_id": null,
        "model": "primavera unifier",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "18.8"
      },
      {
        "_id": null,
        "model": "retail service backbone",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "15.0"
      },
      {
        "_id": null,
        "model": "retail xstore point of service",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "16.0"
      },
      {
        "_id": null,
        "model": "enterprise manager base platform",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "13.4.0.0"
      },
      {
        "_id": null,
        "model": "communications element manager",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.2.0"
      },
      {
        "_id": null,
        "model": "financial services institutional performance analytics",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.1.0"
      },
      {
        "_id": null,
        "model": "communications element manager",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.2.2"
      },
      {
        "_id": null,
        "model": "insurance policy administration j2ee",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "11.0.2.25"
      },
      {
        "_id": null,
        "model": "agile plm",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "9.3.6"
      },
      {
        "_id": null,
        "model": "banking digital experience",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "19.2"
      },
      {
        "_id": null,
        "model": "communications contacts server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.0.0.5.0"
      },
      {
        "_id": null,
        "model": "primavera unifier",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "17.7"
      },
      {
        "_id": null,
        "model": "autovue for agile product lifecycle management",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "21.0.2"
      },
      {
        "_id": null,
        "model": "weblogic server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.1.3.0"
      },
      {
        "_id": null,
        "model": "primavera unifier",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "19.12"
      },
      {
        "_id": null,
        "model": "retail xstore point of service",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "17.0"
      },
      {
        "_id": null,
        "model": "weblogic server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.1.4.0"
      },
      {
        "_id": null,
        "model": "financial services price creation and discovery",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.0.6"
      },
      {
        "_id": null,
        "model": "banking digital experience",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "19.1"
      },
      {
        "_id": null,
        "model": "communications network charging and control",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "6.0.1"
      },
      {
        "_id": null,
        "model": "retail service backbone",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "14.1"
      },
      {
        "_id": null,
        "model": "communications diameter signaling router",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.2.2"
      },
      {
        "_id": null,
        "model": "enterprise manager base platform",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "13.3.0.0"
      },
      {
        "_id": null,
        "model": "retail service backbone",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "16.0"
      },
      {
        "_id": null,
        "model": "financial services retail customer analytics",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.0.6"
      },
      {
        "_id": null,
        "model": "financial services institutional performance analytics",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.0.7"
      },
      {
        "_id": null,
        "model": "communications diameter signaling router",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.0.0"
      },
      {
        "_id": null,
        "model": "jackson-databind",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "fasterxml",
        "version": "2.9.0"
      },
      {
        "_id": null,
        "model": "communications calendar server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.0.0.4.0"
      },
      {
        "_id": null,
        "model": "banking platform",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "2.4.0"
      },
      {
        "_id": null,
        "model": "banking digital experience",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "18.3"
      },
      {
        "_id": null,
        "model": "communications network charging and control",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.0.0"
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-10672"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "Red Hat",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "158650"
      },
      {
        "db": "PACKETSTORM",
        "id": "157859"
      },
      {
        "db": "PACKETSTORM",
        "id": "159083"
      },
      {
        "db": "PACKETSTORM",
        "id": "158636"
      },
      {
        "db": "PACKETSTORM",
        "id": "158891"
      },
      {
        "db": "PACKETSTORM",
        "id": "159080"
      },
      {
        "db": "PACKETSTORM",
        "id": "158881"
      },
      {
        "db": "PACKETSTORM",
        "id": "159082"
      }
    ],
    "trust": 0.8
  },
  "cve": "CVE-2020-10672",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CVE-2020-10672",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.0,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "VHN-163174",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.8,
            "id": "CVE-2020-10672",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 2.0,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2020-10672",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
            "id": "CVE-2020-10672",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-163174",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-163174"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-10672"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-10672"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms). FasterXML Jackson is a data processing tool for Java developed by American FasterXML Company. jackson-databind is one of the components with data binding function. A security vulnerability exists in FasterXML jackson-databind 2.x prior to 2.9.10.4 due to insecure deserialization by org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aries.transaction.jms) . A remote attacker could exploit this vulnerability with specially crafted input to execute arbitrary code on the system. Description:\n\nRed Hat Decision Manager is an open source decision management platform\nthat combines business rules management, complex event processing, Decision\nModel \u0026 Notation (DMN) execution, and Business Optimizer for solving\nplanning problems. It automates business decisions and makes that logic\navailable to the entire business. Summary:\n\nThis is a security update for JBoss EAP Continuous Delivery 19. \nThe purpose of this text-only errata is to inform you about the security\nissues fixed in this release. \n\nSecurity Fix(es):\n\n* netty (CVE-2016-4970 CVE-2020-7238 CVE-2019-20444 CVE-2019-20445)\n\n* dom4j (CVE-2018-1000632)\n\n* elasticsearch (CVE-2018-3831)\n\n* pdfbox (CVE-2018-11797)\n\n* vertx (CVE-2018-12541)\n\n* spring-data-jpa (CVE-2019-3797)\n\n* mina-core (CVE-2019-0231)\n\n* jackson-databind (CVE-2019-12086 CVE-2019-16335 CVE-2019-14540\nCVE-2019-17267 CVE-2019-14892 CVE-2019-14893 CVE-2019-16942 CVE-2019-16943\nCVE-2019-17531 CVE-2019-20330 CVE-2020-10673 CVE-2020-10672 CVE-2020-8840\nCVE-2020-9546 CVE-2020-9547 CVE-2020-9548 CVE-2020-10968 CVE-2020-10969\nCVE-2020-11111 CVE-2020-11112 CVE-2020-11113 CVE-2020-11620 CVE-2020-11619\nCVE-2020-14195 CVE-2020-14060 CVE-2020-14061 CVE-2020-14062)\n\n* jackson-mapper-asl (CVE-2019-10172)\n\n* hawtio (CVE-2019-9827)\n\n* undertow (CVE-2019-9511 CVE-2020-1757 CVE-2019-14888 CVE-2020-1745)\n\n* santuario (CVE-2019-12400)\n\n* apache-commons-beanutils (CVE-2019-10086)\n\n* cxf (CVE-2019-17573)\n\n* apache-commons-configuration (CVE-2020-1953)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in\nthe References section. \n\nInstallation instructions are available from the Fuse 7.7.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.7/\n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n1343616 - CVE-2016-4970 netty: Infinite loop vulnerability when handling renegotiation using SslProvider.OpenSsl\n1620529 - CVE-2018-1000632 dom4j: XML Injection in Class: Element. Methods: addElement, addAttribute which can impact the integrity of XML documents\n1632452 - CVE-2018-3831 elasticsearch: Information exposure via _cluster/settings API\n1637492 - CVE-2018-11797 pdfbox: unbounded computation in parser resulting in a denial of service\n1638391 - CVE-2018-12541 vertx: WebSocket HTTP upgrade implementation holds the entire http request in memory before the handshake\n1697598 - CVE-2019-3797 spring-data-jpa: Additional information exposure with Spring Data JPA derived queries\n1700016 - CVE-2019-0231 mina-core: Retaining an open socket in close_notify SSL-TLS leading to Information disclosure. \n1713468 - CVE-2019-12086 jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n====================================================================                   \nRed Hat Security Advisory\n\nSynopsis:          Important: Red Hat JBoss Enterprise Application Platform 7.3.2 security update\nAdvisory ID:       RHSA-2020:3463-01\nProduct:           Red Hat JBoss Enterprise Application Platform\nAdvisory URL:      https://access.redhat.com/errata/RHSA-2020:3463\nIssue date:        2020-08-17\nCVE Names:         CVE-2019-14900 CVE-2020-1710 CVE-2020-1748\n                   CVE-2020-10672 CVE-2020-10673 CVE-2020-10683\n                   CVE-2020-10687 CVE-2020-10693 CVE-2020-10714\n                   CVE-2020-10718 CVE-2020-10740 CVE-2020-14297\n====================================================================\n1. Summary:\n\nAn update is now available for Red Hat JBoss Enterprise Application\nPlatform 7.3 for Red Hat Enterprise Linux 8. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat JBoss EAP 7.3 for BaseOS-8 - noarch\n\n3. Description:\n\nRed Hat JBoss Enterprise Application Platform 7 is a platform for Java\napplications based on the WildFly application runtime. \n\nThis release of Red Hat JBoss Enterprise Application Platform 7.3.2 serves\nas a replacement for Red Hat JBoss Enterprise Application Platform 7.3.1\nand includes bug fixes and enhancements. See the Red Hat JBoss Enterprise\nApplication Platform 7.3.2 Release Notes for information about the most\nsignificant bug fixes and enhancements included in this release. \n\nSecurity Fix(es):\n\n* wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API\n(CVE-2020-10718)\n\n* dom4j: XML External Entity vulnerability in default SAX parser\n(CVE-2020-10683)\n\n* wildfly-elytron: session fixation when using FORM authentication\n(CVE-2020-10714)\n\n* wildfly-undertow: Undertow: Incomplete fix for CVE-2017-2666 due to\npermitting invalid characters in HTTP requests (CVE-2020-10687)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing which could result in remote command execution\n(CVE-2020-10673)\n\n* hibernate-core: hibernate: SQL injection issue in Hibernate ORM\n(CVE-2019-14900)\n\n* wildfly: unsafe deserialization in Wildfly Enterprise Java Beans\n(CVE-2020-10740)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing which could result in remote command execution\n(CVE-2020-10672)\n\n* undertow: EAP: field-name is not parsed in accordance to RFC7230\n(CVE-2020-1710)\n\n* hibernate-validator: Improper input validation in the interpolation of\nconstraint error messages (CVE-2020-10693)\n\n* wildfly: Improper authorization issue in WildFlySecurityManager when\nusing alternative protection domain (CVE-2020-1748)\n\n* wildfly: Some EJB transaction objects may get accumulated causing Denial\nof Service (CVE-2020-14297)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, see the CVE page(s) listed in the\nReferences section. \n\n4. Solution:\n\nBefore applying this update, ensure all previously released errata relevant\nto your system have been applied. \n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1666499 - CVE-2019-14900 hibernate: SQL injection issue in Hibernate ORM\n1694235 - CVE-2020-10683 dom4j: XML External Entity vulnerability in default SAX parser\n1785049 - CVE-2020-10687 Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests\n1793970 - CVE-2020-1710 EAP: field-name is not parsed in accordance to RFC7230\n1805501 - CVE-2020-10693 hibernate-validator: Improper input validation in the interpolation of constraint error messages\n1807707 - CVE-2020-1748 Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain\n1815470 - CVE-2020-10673 jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution\n1815495 - CVE-2020-10672 jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution\n1825714 - CVE-2020-10714 wildfly-elytron: session fixation when using FORM authentication\n1828476 - CVE-2020-10718 wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API\n1834512 - CVE-2020-10740 wildfly: unsafe deserialization in Wildfly Enterprise Java Beans\n1853595 - CVE-2020-14297 wildfly: Some EJB transaction objects may get accumulated causing Denial of Service\n\n6. JIRA issues fixed (https://issues.jboss.org/):\n\nJBEAP-18793 - [GSS](7.3.z) Upgrade Hibernate ORM from 5.3.16 to 5.3.17\nJBEAP-19095 - [GSS](7.3.z) Upgrade wildfly-http-client from 1.0.20 to 1.0.21\nJBEAP-19134 - (7.3.z) Upgrade HAL from 3.2.8.Final-redhat-00001 to 3.2.9.Final\nJBEAP-19185 - (7.3.z) Upgrade IronJacamar from 1.4.20.Final to 1.4.22.Final\nJBEAP-19203 - (7.3.z) WFCORE-4850 - Updating mockserver to 5.9.0. Exclusion of dependency from xom.io7m\nJBEAP-19205 - (7.3.z) Upgrade WildFly Core from 10.1.5.Final-redhat-00001 to 10.1.x\nJBEAP-19269 - [GSS](7.3.z) Upgrade jboss-logmanager from 2.1.14.Final to 2.1.15.Final\nJBEAP-19322 - (7.3.z) Upgrade XNIO from 3.7.7 to 3.7.8.SP1\nJBEAP-19325 - (7.3.z) Upgrade Infinispan from 9.4.18.Final-redhat-00001 to 9.4.19.Final-redhat-00001\nJBEAP-19397 - (7.3.z) Upgrade JSF based on Mojarra 2.3.9.SP09-redhat-00001 to 2.3.9.SP11-redhat-00001\nJBEAP-19410 - Tracker bug for the EAP 7.3.2 release for RHEL-7\nJBEAP-19411 - Tracker bug for the EAP 7.3.2 release for RHEL-8\nJBEAP-19529 - (7.3.z) Update PR template to include PR-processor hints. \nJBEAP-19564 - [GSS](7.3.z) Upgrade jboss-ejb-client from 4.0.31.Final-redhat-00001 to 4.0.33.Final-redhat-00001\nJBEAP-19585 - [GSS](7.3.z) Upgrade org.jboss.genericjms from 2.0.4 to 2.0.6\nJBEAP-19617 - (7.3.z) Upgrade wildfly-naming-client from 1.0.12.Final-redhat-00001 to 1.0.13.Final-redhat-00001\nJBEAP-19619 - (7.3.z) Upgrade JBoss JSF API from 3.0.0.SP02-redhat-00001 to 3.0.0.SP04-redhat-00001\nJBEAP-19673 - (7.3.z) [WFCORE] Upgrade WildFly Common to 1.5.2.Final\nJBEAP-19674 - (7.3.z) [WFCORE] Upgrade galleon and wildfly-galleon-plugins from 4.1.2.Final to 4.2.4.Final\nJBEAP-19874 - [GSS](7.3.z) Upgrade wildfly-http-client from 1.0.21.Final-redhat-00001 to 1.0.22.Final-redhat-00001\n\n7. Package List:\n\nRed Hat JBoss EAP 7.3 for BaseOS-8:\n\nSource:\neap7-dom4j-2.1.3-1.redhat_00001.1.el8eap.src.rpm\neap7-elytron-web-1.6.2-1.Final_redhat_00001.1.el8eap.src.rpm\neap7-glassfish-jsf-2.3.9-11.SP11_redhat_00001.1.el8eap.src.rpm\neap7-hal-console-3.2.9-1.Final_redhat_00001.1.el8eap.src.rpm\neap7-hibernate-5.3.17-1.Final_redhat_00001.1.el8eap.src.rpm\neap7-hibernate-validator-6.0.20-1.Final_redhat_00001.1.el8eap.src.rpm\neap7-infinispan-9.4.19-1.Final_redhat_00001.1.el8eap.src.rpm\neap7-ironjacamar-1.4.22-1.Final_redhat_00001.1.el8eap.src.rpm\neap7-jackson-annotations-2.10.4-1.redhat_00001.1.el8eap.src.rpm\neap7-jackson-core-2.10.4-1.redhat_00001.1.el8eap.src.rpm\neap7-jackson-databind-2.10.4-1.redhat_00001.1.el8eap.src.rpm\neap7-jackson-jaxrs-providers-2.10.4-1.redhat_00001.1.el8eap.src.rpm\neap7-jackson-modules-base-2.10.4-1.redhat_00001.1.el8eap.src.rpm\neap7-jackson-modules-java8-2.10.4-1.redhat_00001.1.el8eap.src.rpm\neap7-jboss-genericjms-2.0.6-1.Final_redhat_00001.1.el8eap.src.rpm\neap7-jboss-jsf-api_2.3_spec-3.0.0-4.SP04_redhat_00001.1.el8eap.src.rpm\neap7-jboss-logmanager-2.1.15-1.Final_redhat_00001.1.el8eap.src.rpm\neap7-jboss-server-migration-1.7.1-7.Final_redhat_00009.1.el8eap.src.rpm\neap7-jboss-xnio-base-3.7.8-1.SP1_redhat_00001.1.el8eap.src.rpm\neap7-netty-4.1.48-1.Final_redhat_00001.1.el8eap.src.rpm\neap7-undertow-2.0.30-4.SP4_redhat_00001.1.el8eap.src.rpm\neap7-wildfly-7.3.2-4.GA_redhat_00002.1.el8eap.src.rpm\neap7-wildfly-common-1.5.2-1.Final_redhat_00002.1.el8eap.src.rpm\neap7-wildfly-elytron-1.10.7-1.Final_redhat_00001.1.el8eap.src.rpm\neap7-wildfly-http-client-1.0.22-1.Final_redhat_00001.1.el8eap.src.rpm\n\nnoarch:\neap7-dom4j-2.1.3-1.redhat_00001.1.el8eap.noarch.rpm\neap7-glassfish-jsf-2.3.9-11.SP11_redhat_00001.1.el8eap.noarch.rpm\neap7-hal-console-3.2.9-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-hibernate-5.3.17-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-hibernate-core-5.3.17-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-hibernate-entitymanager-5.3.17-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-hibernate-envers-5.3.17-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-hibernate-java8-5.3.17-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-hibernate-validator-6.0.20-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-hibernate-validator-cdi-6.0.20-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-infinispan-9.4.19-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-infinispan-cachestore-jdbc-9.4.19-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-infinispan-cachestore-remote-9.4.19-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-infinispan-client-hotrod-9.4.19-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-infinispan-commons-9.4.19-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-infinispan-core-9.4.19-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-infinispan-hibernate-cache-commons-9.4.19-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-infinispan-hibernate-cache-spi-9.4.19-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-infinispan-hibernate-cache-v53-9.4.19-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-ironjacamar-1.4.22-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-ironjacamar-common-api-1.4.22-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-ironjacamar-common-impl-1.4.22-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-ironjacamar-common-spi-1.4.22-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-ironjacamar-core-api-1.4.22-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-ironjacamar-core-impl-1.4.22-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-ironjacamar-deployers-common-1.4.22-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-ironjacamar-jdbc-1.4.22-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-ironjacamar-validator-1.4.22-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-jackson-annotations-2.10.4-1.redhat_00001.1.el8eap.noarch.rpm\neap7-jackson-core-2.10.4-1.redhat_00001.1.el8eap.noarch.rpm\neap7-jackson-databind-2.10.4-1.redhat_00001.1.el8eap.noarch.rpm\neap7-jackson-datatype-jdk8-2.10.4-1.redhat_00001.1.el8eap.noarch.rpm\neap7-jackson-datatype-jsr310-2.10.4-1.redhat_00001.1.el8eap.noarch.rpm\neap7-jackson-jaxrs-base-2.10.4-1.redhat_00001.1.el8eap.noarch.rpm\neap7-jackson-jaxrs-json-provider-2.10.4-1.redhat_00001.1.el8eap.noarch.rpm\neap7-jackson-module-jaxb-annotations-2.10.4-1.redhat_00001.1.el8eap.noarch.rpm\neap7-jackson-modules-base-2.10.4-1.redhat_00001.1.el8eap.noarch.rpm\neap7-jackson-modules-java8-2.10.4-1.redhat_00001.1.el8eap.noarch.rpm\neap7-jboss-genericjms-2.0.6-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-jboss-jsf-api_2.3_spec-3.0.0-4.SP04_redhat_00001.1.el8eap.noarch.rpm\neap7-jboss-logmanager-2.1.15-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-jboss-server-migration-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm\neap7-jboss-server-migration-cli-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm\neap7-jboss-server-migration-core-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm\neap7-jboss-server-migration-eap6.4-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm\neap7-jboss-server-migration-eap6.4-to-eap7.3-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm\neap7-jboss-server-migration-eap7.0-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm\neap7-jboss-server-migration-eap7.1-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm\neap7-jboss-server-migration-eap7.2-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm\neap7-jboss-server-migration-eap7.2-to-eap7.3-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm\neap7-jboss-server-migration-eap7.3-server-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm\neap7-jboss-server-migration-wildfly10.0-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm\neap7-jboss-server-migration-wildfly10.1-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm\neap7-jboss-server-migration-wildfly11.0-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm\neap7-jboss-server-migration-wildfly12.0-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm\neap7-jboss-server-migration-wildfly13.0-server-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm\neap7-jboss-server-migration-wildfly14.0-server-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm\neap7-jboss-server-migration-wildfly15.0-server-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm\neap7-jboss-server-migration-wildfly16.0-server-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm\neap7-jboss-server-migration-wildfly17.0-server-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm\neap7-jboss-server-migration-wildfly18.0-server-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm\neap7-jboss-server-migration-wildfly8.2-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm\neap7-jboss-server-migration-wildfly9.0-1.7.1-7.Final_redhat_00009.1.el8eap.noarch.rpm\neap7-jboss-xnio-base-3.7.8-1.SP1_redhat_00001.1.el8eap.noarch.rpm\neap7-netty-4.1.48-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-netty-all-4.1.48-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-undertow-2.0.30-4.SP4_redhat_00001.1.el8eap.noarch.rpm\neap7-undertow-server-1.6.2-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-wildfly-7.3.2-4.GA_redhat_00002.1.el8eap.noarch.rpm\neap7-wildfly-common-1.5.2-1.Final_redhat_00002.1.el8eap.noarch.rpm\neap7-wildfly-elytron-1.10.7-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-wildfly-elytron-tool-1.10.7-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-wildfly-http-client-common-1.0.22-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-wildfly-http-ejb-client-1.0.22-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-wildfly-http-naming-client-1.0.22-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-wildfly-http-transaction-client-1.0.22-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-wildfly-javadocs-7.3.2-4.GA_redhat_00002.1.el8eap.noarch.rpm\neap7-wildfly-modules-7.3.2-4.GA_redhat_00002.1.el8eap.noarch.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n8. References:\n\nhttps://access.redhat.com/security/cve/CVE-2019-14900\nhttps://access.redhat.com/security/cve/CVE-2020-1710\nhttps://access.redhat.com/security/cve/CVE-2020-1748\nhttps://access.redhat.com/security/cve/CVE-2020-10672\nhttps://access.redhat.com/security/cve/CVE-2020-10673\nhttps://access.redhat.com/security/cve/CVE-2020-10683\nhttps://access.redhat.com/security/cve/CVE-2020-10687\nhttps://access.redhat.com/security/cve/CVE-2020-10693\nhttps://access.redhat.com/security/cve/CVE-2020-10714\nhttps://access.redhat.com/security/cve/CVE-2020-10718\nhttps://access.redhat.com/security/cve/CVE-2020-10740\nhttps://access.redhat.com/security/cve/CVE-2020-14297\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/\nhttps://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/\n\n9. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2020 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBXzqIgdzjgjWX9erEAQhAaw//ceEP1X/GXLqWVwEDOZhjR4akb8iOZC4P\nH8bYYEtAq7LHOTzfor0D1PsShzOfF6UjhpRYYhaFZN80Fs3cc27Pqk5MnF4qfdAf\nFnzZ/ze5jlclBPK+eSmGPvYCeuMK9EF+fRETRUOj0rdu3M1CLYUV1LNxOZk48Uen\nKRWbBEW8BzuYYUf+24ly76siqTZCW5oI+ZsMhuUqyUwxzu61uDL0nMYnOS+WZPL0\nxBafLiCZ1xc0pykIuqzqHPy+cvxCqkyXDJ5cOV16jeXhp5lNB0yk0LzQnck/+wKc\nRJtl/ySiuUUXH/p5FY9tAphgqvA7Plh0SpsvF0/UUsQIeqoZzx2Xr295OFUSOb26\nrebOBTDbky9zFWFXtRvnSo4cadQhYgemOkkKuX9NaQemyBRitvIjk0ZOw0cOtXdW\n5UecnSYFC5U46VzSNmPosuTkodyA20GJDxFX9v/iRP8wbsG0IpJz/1G1DMSk1+ba\noOtpxQxzuCOqhEVubkfgt0BbU4XgbYzBkKnfxfSaNVDpCCi1hCnHPC6gWR//jbP2\nqEy5MmbO8Sksn16fDgBTQ/g8YATe6pa7Q5DnIe+l+0thzm8kf3l9TG+YRKjoxtSV\nFwlVApI2o6Ebse7EPr96Ior5xMirxVML2rKgzQc7cG2s7gXvQ2NVkC0vCGdmGUGc\nzQFgGc2abfE=qmbe\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). \n\nThe JBoss server process must be restarted for the update to take effect",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-10672"
      },
      {
        "db": "VULHUB",
        "id": "VHN-163174"
      },
      {
        "db": "PACKETSTORM",
        "id": "158650"
      },
      {
        "db": "PACKETSTORM",
        "id": "157859"
      },
      {
        "db": "PACKETSTORM",
        "id": "159083"
      },
      {
        "db": "PACKETSTORM",
        "id": "158636"
      },
      {
        "db": "PACKETSTORM",
        "id": "158891"
      },
      {
        "db": "PACKETSTORM",
        "id": "159080"
      },
      {
        "db": "PACKETSTORM",
        "id": "158881"
      },
      {
        "db": "PACKETSTORM",
        "id": "159082"
      }
    ],
    "trust": 1.71
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2020-10672",
        "trust": 1.9
      },
      {
        "db": "PACKETSTORM",
        "id": "158636",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "159083",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "159080",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "159082",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "158881",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "158891",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "158650",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "159208",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "158884",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "158889",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "158651",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "159081",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "158916",
        "trust": 0.1
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202003-1150",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-163174",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "157859",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-163174"
      },
      {
        "db": "PACKETSTORM",
        "id": "158650"
      },
      {
        "db": "PACKETSTORM",
        "id": "157859"
      },
      {
        "db": "PACKETSTORM",
        "id": "159083"
      },
      {
        "db": "PACKETSTORM",
        "id": "158636"
      },
      {
        "db": "PACKETSTORM",
        "id": "158891"
      },
      {
        "db": "PACKETSTORM",
        "id": "159080"
      },
      {
        "db": "PACKETSTORM",
        "id": "158881"
      },
      {
        "db": "PACKETSTORM",
        "id": "159082"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-10672"
      }
    ]
  },
  "id": "VAR-202003-1779",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-163174"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2026-04-10T23:35:44.701000Z",
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-502",
        "trust": 1.0
      },
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-10672"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 1.1,
        "url": "https://security.netapp.com/advisory/ntap-20200403-0002/"
      },
      {
        "trust": 1.1,
        "url": "https://github.com/fasterxml/jackson-databind/issues/2659"
      },
      {
        "trust": 1.1,
        "url": "https://www.oracle.com/security-alerts/cpujan2021.html"
      },
      {
        "trust": 1.1,
        "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
      },
      {
        "trust": 1.1,
        "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
      },
      {
        "trust": 1.1,
        "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
      },
      {
        "trust": 1.1,
        "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00027.html"
      },
      {
        "trust": 1.0,
        "url": "https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062"
      },
      {
        "trust": 0.8,
        "url": "https://access.redhat.com/security/cve/cve-2020-10672"
      },
      {
        "trust": 0.8,
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "trust": 0.8,
        "url": "https://access.redhat.com/security/team/contact/"
      },
      {
        "trust": 0.8,
        "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-10672"
      },
      {
        "trust": 0.8,
        "url": "https://bugzilla.redhat.com/):"
      },
      {
        "trust": 0.7,
        "url": "https://access.redhat.com/security/cve/cve-2020-10673"
      },
      {
        "trust": 0.6,
        "url": "https://access.redhat.com/security/cve/cve-2020-9547"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-10673"
      },
      {
        "trust": 0.6,
        "url": "https://issues.jboss.org/):"
      },
      {
        "trust": 0.5,
        "url": "https://access.redhat.com/security/cve/cve-2020-9546"
      },
      {
        "trust": 0.5,
        "url": "https://access.redhat.com/security/cve/cve-2020-9548"
      },
      {
        "trust": 0.5,
        "url": "https://access.redhat.com/security/cve/cve-2020-8840"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-1710"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-10740"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-14297"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-10693"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-10687"
      },
      {
        "trust": 0.5,
        "url": "https://access.redhat.com/security/cve/cve-2020-10714"
      },
      {
        "trust": 0.5,
        "url": "https://access.redhat.com/security/cve/cve-2020-14297"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14900"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-10683"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-10714"
      },
      {
        "trust": 0.5,
        "url": "https://access.redhat.com/security/cve/cve-2020-10683"
      },
      {
        "trust": 0.5,
        "url": "https://access.redhat.com/security/cve/cve-2020-10693"
      },
      {
        "trust": 0.5,
        "url": "https://access.redhat.com/security/cve/cve-2020-10687"
      },
      {
        "trust": 0.5,
        "url": "https://access.redhat.com/security/cve/cve-2019-14900"
      },
      {
        "trust": 0.5,
        "url": "https://access.redhat.com/security/cve/cve-2020-10740"
      },
      {
        "trust": 0.5,
        "url": "https://access.redhat.com/security/cve/cve-2020-1710"
      },
      {
        "trust": 0.5,
        "url": "https://access.redhat.com/security/cve/cve-2020-10718"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-10718"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-1748"
      },
      {
        "trust": 0.5,
        "url": "https://access.redhat.com/security/cve/cve-2020-1748"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2020-1695"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-14307"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2020-14307"
      },
      {
        "trust": 0.3,
        "url": "https://access.redhat.com/security/cve/cve-2020-11112"
      },
      {
        "trust": 0.3,
        "url": "https://access.redhat.com/security/cve/cve-2020-11113"
      },
      {
        "trust": 0.3,
        "url": "https://access.redhat.com/security/cve/cve-2020-10968"
      },
      {
        "trust": 0.3,
        "url": "https://access.redhat.com/security/cve/cve-2019-17573"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20444"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-17573"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20330"
      },
      {
        "trust": 0.3,
        "url": "https://access.redhat.com/security/cve/cve-2019-20445"
      },
      {
        "trust": 0.3,
        "url": "https://access.redhat.com/security/cve/cve-2019-20444"
      },
      {
        "trust": 0.3,
        "url": "https://access.redhat.com/security/cve/cve-2020-10969"
      },
      {
        "trust": 0.3,
        "url": "https://access.redhat.com/security/cve/cve-2019-20330"
      },
      {
        "trust": 0.3,
        "url": "https://access.redhat.com/security/cve/cve-2020-7238"
      },
      {
        "trust": 0.3,
        "url": "https://access.redhat.com/security/cve/cve-2020-11111"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20445"
      },
      {
        "trust": 0.3,
        "url": "https://access.redhat.com/security/cve/cve-2020-6950"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-9547"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-1695"
      },
      {
        "trust": 0.3,
        "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-9548"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-9546"
      },
      {
        "trust": 0.3,
        "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-8840"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-6950"
      },
      {
        "trust": 0.3,
        "url": "https://access.redhat.com/articles/11258"
      },
      {
        "trust": 0.3,
        "url": "https://access.redhat.com/security/team/key/"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2020-14060"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2020-14061"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2020-11619"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2020-14062"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2019-16869"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2020-11620"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-11111"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2019-12423"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-16869"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-12423"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-10968"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-10969"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2019-16335"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2019-16942"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2019-16943"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14893"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-16942"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2019-14888"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14892"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2019-14892"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14888"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2020-1745"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2019-17531"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10086"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-16335"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2019-10086"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14540"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-16943"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2019-17267"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-17531"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2019-14540"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2019-14893"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-17267"
      },
      {
        "trust": 0.1,
        "url": "https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-14060"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-12406"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-9514"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-1718"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-9515"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-13990"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-11620"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-9512"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-12406"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-11612"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-9514"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-9515"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-1718"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-9518"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-13990"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2020:3196"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions\u0026product=rhdm\u0026version=7.8.0"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-11619"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-7238"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-9512"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-11112"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-11612"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/documentation/en-us/red_hat_decision_manager/7.8/html/release_notes_for_red_hat_decision_manager_7.8/index"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-9518"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-14061"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-11113"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-14062"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10174"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2020:2333"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/documentation/en-us/jboss_enterprise_application_platform_continuous_delivery/19/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14887"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-10688"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0210"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0205"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-12419"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-0210"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-14887"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-10688"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product\\xeap-cd\u0026downloadtype=securitypatches\u0026version\u0019"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-12419"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-10174"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-0205"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-1732"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2020:3642"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-11797"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10172"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-12086"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2018-1000632"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-1000632"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-9511"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-12400"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2018-3831"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-0231"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2018-11797"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions\u0026product=jboss.fuse\u0026version=7.7.0"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2018-12541"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-3797"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2016-4970"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-9827"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.7/"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-9511"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-10172"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-12086"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4970"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-1953"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-1757"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0231"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-9827"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-3831"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-12400"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-12541"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2020:3192"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-14195"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-3797"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2020:3463"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2020:3639"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2020:3464"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2020:3638"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-163174"
      },
      {
        "db": "PACKETSTORM",
        "id": "158650"
      },
      {
        "db": "PACKETSTORM",
        "id": "157859"
      },
      {
        "db": "PACKETSTORM",
        "id": "159083"
      },
      {
        "db": "PACKETSTORM",
        "id": "158636"
      },
      {
        "db": "PACKETSTORM",
        "id": "158891"
      },
      {
        "db": "PACKETSTORM",
        "id": "159080"
      },
      {
        "db": "PACKETSTORM",
        "id": "158881"
      },
      {
        "db": "PACKETSTORM",
        "id": "159082"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-10672"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-163174",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "158650",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "157859",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "159083",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "158636",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "158891",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "159080",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "158881",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "159082",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2020-10672",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2020-03-18T00:00:00",
        "db": "VULHUB",
        "id": "VHN-163174",
        "ident": null
      },
      {
        "date": "2020-07-29T17:52:58",
        "db": "PACKETSTORM",
        "id": "158650",
        "ident": null
      },
      {
        "date": "2020-05-28T16:22:46",
        "db": "PACKETSTORM",
        "id": "157859",
        "ident": null
      },
      {
        "date": "2020-09-07T16:39:48",
        "db": "PACKETSTORM",
        "id": "159083",
        "ident": null
      },
      {
        "date": "2020-07-29T00:05:59",
        "db": "PACKETSTORM",
        "id": "158636",
        "ident": null
      },
      {
        "date": "2020-08-17T17:43:22",
        "db": "PACKETSTORM",
        "id": "158891",
        "ident": null
      },
      {
        "date": "2020-09-07T16:37:51",
        "db": "PACKETSTORM",
        "id": "159080",
        "ident": null
      },
      {
        "date": "2020-08-17T15:35:45",
        "db": "PACKETSTORM",
        "id": "158881",
        "ident": null
      },
      {
        "date": "2020-09-07T16:39:28",
        "db": "PACKETSTORM",
        "id": "159082",
        "ident": null
      },
      {
        "date": "2020-03-18T22:15:12.313000",
        "db": "NVD",
        "id": "CVE-2020-10672",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2021-12-07T00:00:00",
        "db": "VULHUB",
        "id": "VHN-163174",
        "ident": null
      },
      {
        "date": "2024-11-21T04:55:49.050000",
        "db": "NVD",
        "id": "CVE-2020-10672",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "159083"
      },
      {
        "db": "PACKETSTORM",
        "id": "158891"
      },
      {
        "db": "PACKETSTORM",
        "id": "159080"
      },
      {
        "db": "PACKETSTORM",
        "id": "158881"
      },
      {
        "db": "PACKETSTORM",
        "id": "159082"
      }
    ],
    "trust": 0.5
  },
  "title": {
    "_id": null,
    "data": "Red Hat Security Advisory 2020-3196-01",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "158650"
      }
    ],
    "trust": 0.1
  },
  "type": {
    "_id": null,
    "data": "sql injection",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "159083"
      },
      {
        "db": "PACKETSTORM",
        "id": "158891"
      },
      {
        "db": "PACKETSTORM",
        "id": "159080"
      },
      {
        "db": "PACKETSTORM",
        "id": "158881"
      },
      {
        "db": "PACKETSTORM",
        "id": "159082"
      }
    ],
    "trust": 0.5
  }
}

WID-SEC-W-2022-1912

Vulnerability from csaf_certbund - Published: 2020-08-17 22:00 - Updated: 2025-02-23 23:00

Summary

Red Hat JBoss Enterprise Application Platform: Mehrere Schwachstellen

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: JBoss Enterprise Application Platform ist eine skalierbare Plattform für Java-Anwendungen, inklusive JBoss Application Server, JBoss Hibernate und Boss Seam.

Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat JBoss Enterprise Application Platform ausnutzen, um Code zur Ausführung zu bringen, Informationen offenzulegen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service zu verursachen.

Betroffene Betriebssysteme: - Linux

CVE-2019-14900

Affected products

Known affected 7 products

Product	Identifier	Version
Red Hat JBoss Enterprise Application Platform <7.3.2 Red Hat / JBoss Enterprise Application Platform		<7.3.2
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.9 Red Hat / JBoss Enterprise Application Platform		<7.1.9
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Hitachi Network Attached Storage Hitachi	`cpe:/h:hitachi:virtual_storage_platform:-`	—
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—

CVE-2020-10672

Affected products

Known affected 7 products

Product	Identifier	Version
Red Hat JBoss Enterprise Application Platform <7.3.2 Red Hat / JBoss Enterprise Application Platform		<7.3.2
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.9 Red Hat / JBoss Enterprise Application Platform		<7.1.9
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Hitachi Network Attached Storage Hitachi	`cpe:/h:hitachi:virtual_storage_platform:-`	—
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—

CVE-2020-10673

Affected products

Known affected 7 products

Product	Identifier	Version
Red Hat JBoss Enterprise Application Platform <7.3.2 Red Hat / JBoss Enterprise Application Platform		<7.3.2
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.9 Red Hat / JBoss Enterprise Application Platform		<7.1.9
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Hitachi Network Attached Storage Hitachi	`cpe:/h:hitachi:virtual_storage_platform:-`	—
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—

CVE-2020-10683

Affected products

Known affected 7 products

Product	Identifier	Version
Red Hat JBoss Enterprise Application Platform <7.3.2 Red Hat / JBoss Enterprise Application Platform		<7.3.2
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.9 Red Hat / JBoss Enterprise Application Platform		<7.1.9
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Hitachi Network Attached Storage Hitachi	`cpe:/h:hitachi:virtual_storage_platform:-`	—
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—

CVE-2020-10687

Affected products

Known affected 7 products

Product	Identifier	Version
Red Hat JBoss Enterprise Application Platform <7.3.2 Red Hat / JBoss Enterprise Application Platform		<7.3.2
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.9 Red Hat / JBoss Enterprise Application Platform		<7.1.9
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Hitachi Network Attached Storage Hitachi	`cpe:/h:hitachi:virtual_storage_platform:-`	—
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—

CVE-2020-10693

Affected products

Known affected 7 products

Product	Identifier	Version
Red Hat JBoss Enterprise Application Platform <7.3.2 Red Hat / JBoss Enterprise Application Platform		<7.3.2
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.9 Red Hat / JBoss Enterprise Application Platform		<7.1.9
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Hitachi Network Attached Storage Hitachi	`cpe:/h:hitachi:virtual_storage_platform:-`	—
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—

CVE-2020-10714

Affected products

Known affected 7 products

Product	Identifier	Version
Red Hat JBoss Enterprise Application Platform <7.3.2 Red Hat / JBoss Enterprise Application Platform		<7.3.2
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.9 Red Hat / JBoss Enterprise Application Platform		<7.1.9
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Hitachi Network Attached Storage Hitachi	`cpe:/h:hitachi:virtual_storage_platform:-`	—
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—

CVE-2020-10718

Affected products

Known affected 7 products

Product	Identifier	Version
Red Hat JBoss Enterprise Application Platform <7.3.2 Red Hat / JBoss Enterprise Application Platform		<7.3.2
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.9 Red Hat / JBoss Enterprise Application Platform		<7.1.9
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Hitachi Network Attached Storage Hitachi	`cpe:/h:hitachi:virtual_storage_platform:-`	—
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—

CVE-2020-10740

Affected products

Known affected 7 products

Product	Identifier	Version
Red Hat JBoss Enterprise Application Platform <7.3.2 Red Hat / JBoss Enterprise Application Platform		<7.3.2
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.9 Red Hat / JBoss Enterprise Application Platform		<7.1.9
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Hitachi Network Attached Storage Hitachi	`cpe:/h:hitachi:virtual_storage_platform:-`	—
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—

CVE-2020-14297

Affected products

Known affected 7 products

Product	Identifier	Version
Red Hat JBoss Enterprise Application Platform <7.3.2 Red Hat / JBoss Enterprise Application Platform		<7.3.2
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.9 Red Hat / JBoss Enterprise Application Platform		<7.1.9
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Hitachi Network Attached Storage Hitachi	`cpe:/h:hitachi:virtual_storage_platform:-`	—
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—

CVE-2020-1710

Affected products

Known affected 7 products

Product	Identifier	Version
Red Hat JBoss Enterprise Application Platform <7.3.2 Red Hat / JBoss Enterprise Application Platform		<7.3.2
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.9 Red Hat / JBoss Enterprise Application Platform		<7.1.9
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Hitachi Network Attached Storage Hitachi	`cpe:/h:hitachi:virtual_storage_platform:-`	—
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—

CVE-2020-1748

Affected products

Known affected 7 products

Product	Identifier	Version
Red Hat JBoss Enterprise Application Platform <7.3.2 Red Hat / JBoss Enterprise Application Platform		<7.3.2
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.9 Red Hat / JBoss Enterprise Application Platform		<7.1.9
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Hitachi Network Attached Storage Hitachi	`cpe:/h:hitachi:virtual_storage_platform:-`	—
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—

References

32 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://access.redhat.com/errata/RHSA-2020:3461	external
https://access.redhat.com/errata/RHSA-2020:3462	external
https://access.redhat.com/errata/RHSA-2020:3463	external
https://access.redhat.com/errata/RHSA-2020:3464	external
https://access.redhat.com/errata/RHSA-2020:3501	external
https://access.redhat.com/errata/RHSA-2020:3585	external
https://access.redhat.com/errata/RHSA-2020:3539	external
https://access.redhat.com/errata/RHSA-2020:3642	external
https://access.redhat.com/errata/RHSA-2020:3637	external
https://access.redhat.com/errata/RHSA-2020:3639	external
https://access.redhat.com/errata/RHSA-2020:3638	external
https://access.redhat.com/errata/RHSA-2020:3779	external
https://access.redhat.com/errata/RHSA-2020:3806	external
http://lists.suse.com/pipermail/sle-security-upda…	external
https://usn.ubuntu.com/4575-1/	external
https://access.redhat.com/errata/RHSA-2020:4252	external
https://access.redhat.com/errata/RHSA-2020:4960	external
https://access.redhat.com/errata/RHSA-2020:4961	external
https://www.hitachi.co.jp/Prod/comp/soft1/global/…	external
https://access.redhat.com/errata/RHSA-2020:5568	external
https://access.redhat.com/errata/RHSA-2021:0885	external
https://access.redhat.com/errata/RHSA-2021:0872	external
https://access.redhat.com/errata/RHSA-2021:0873	external
https://access.redhat.com/errata/RHSA-2021:0874	external
https://access.redhat.com/errata/RHSA-2021:0974	external
https://access.redhat.com/errata/RHSA-2021:2210	external
https://access.redhat.com/errata/RHSA-2021:2755	external
https://access.redhat.com/errata/RHSA-2021:3140	external
https://www.hitachi.co.jp/Prod/comp/soft1/global/…	external
https://access.redhat.com/errata/RHSA-2025:1746	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "JBoss Enterprise Application Platform ist eine skalierbare Plattform f\u00fcr Java-Anwendungen, inklusive JBoss Application Server, JBoss Hibernate und Boss Seam.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat JBoss Enterprise Application Platform ausnutzen, um Code zur Ausf\u00fchrung zu bringen, Informationen offenzulegen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service zu verursachen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2022-1912 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2020/wid-sec-w-2022-1912.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2022-1912 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1912"
      },
      {
        "category": "external",
        "summary": "RedHat Security Advisory vom 2020-08-17",
        "url": "https://access.redhat.com/errata/RHSA-2020:3461"
      },
      {
        "category": "external",
        "summary": "RedHat Security Advisory vom 2020-08-17",
        "url": "https://access.redhat.com/errata/RHSA-2020:3462"
      },
      {
        "category": "external",
        "summary": "RedHat Security Advisory vom 2020-08-17",
        "url": "https://access.redhat.com/errata/RHSA-2020:3463"
      },
      {
        "category": "external",
        "summary": "RedHat Security Advisory vom 2020-08-17",
        "url": "https://access.redhat.com/errata/RHSA-2020:3464"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2020:3501 vom 2020-08-18",
        "url": "https://access.redhat.com/errata/RHSA-2020:3501"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2020:3585 vom 2020-08-31",
        "url": "https://access.redhat.com/errata/RHSA-2020:3585"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2020:3539 vom 2020-09-02",
        "url": "https://access.redhat.com/errata/RHSA-2020:3539"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2020:3642 vom 2020-09-07",
        "url": "https://access.redhat.com/errata/RHSA-2020:3642"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2020:3637 vom 2020-09-07",
        "url": "https://access.redhat.com/errata/RHSA-2020:3637"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2020:3639 vom 2020-09-07",
        "url": "https://access.redhat.com/errata/RHSA-2020:3639"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2020:3638 vom 2020-09-07",
        "url": "https://access.redhat.com/errata/RHSA-2020:3638"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2020:3779 vom 2020-09-17",
        "url": "https://access.redhat.com/errata/RHSA-2020:3779"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2020:3806 vom 2020-09-23",
        "url": "https://access.redhat.com/errata/RHSA-2020:3806"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2020:2832-1 vom 2020-10-02",
        "url": "http://lists.suse.com/pipermail/sle-security-updates/2020-October/007517.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-4575-1 vom 2020-10-14",
        "url": "https://usn.ubuntu.com/4575-1/"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2020:4252 vom 2020-10-14",
        "url": "https://access.redhat.com/errata/RHSA-2020:4252"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2020:4960 vom 2020-11-05",
        "url": "https://access.redhat.com/errata/RHSA-2020:4960"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2020:4961 vom 2020-11-05",
        "url": "https://access.redhat.com/errata/RHSA-2020:4961"
      },
      {
        "category": "external",
        "summary": "Hitachi Vulnerability Information HITACHI-SEC-2020-136 vom 2020-12-11",
        "url": "https://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2020-136/index.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2020:5568 vom 2020-12-16",
        "url": "https://access.redhat.com/errata/RHSA-2020:5568"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2021:0885 vom 2021-03-16",
        "url": "https://access.redhat.com/errata/RHSA-2021:0885"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2021:0872 vom 2021-03-16",
        "url": "https://access.redhat.com/errata/RHSA-2021:0872"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2021:0873 vom 2021-03-16",
        "url": "https://access.redhat.com/errata/RHSA-2021:0873"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2021:0874 vom 2021-03-16",
        "url": "https://access.redhat.com/errata/RHSA-2021:0874"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2021:0974 vom 2021-03-23",
        "url": "https://access.redhat.com/errata/RHSA-2021:0974"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2021:2210 vom 2021-06-02",
        "url": "https://access.redhat.com/errata/RHSA-2021:2210"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2021:2755 vom 2021-07-15",
        "url": "https://access.redhat.com/errata/RHSA-2021:2755"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2021:3140 vom 2021-08-11",
        "url": "https://access.redhat.com/errata/RHSA-2021:3140"
      },
      {
        "category": "external",
        "summary": "Hitachi Vulnerability Information HITACHI-SEC-2022-136 vom 2022-11-01",
        "url": "https://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2022-136/index.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1746 vom 2025-02-24",
        "url": "https://access.redhat.com/errata/RHSA-2025:1746"
      }
    ],
    "source_lang": "en-US",
    "title": "Red Hat JBoss Enterprise Application Platform: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-02-23T23:00:00.000+00:00",
      "generator": {
        "date": "2025-02-24T09:10:42.470+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.12"
        }
      },
      "id": "WID-SEC-W-2022-1912",
      "initial_release_date": "2020-08-17T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2020-08-17T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2020-08-18T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2020-08-31T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2020-09-01T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2020-09-07T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2020-09-17T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2020-09-23T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2020-10-04T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2020-10-13T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2020-11-05T23:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2020-12-10T23:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von HITACHI aufgenommen"
        },
        {
          "date": "2020-12-16T23:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2021-03-16T23:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2021-03-23T23:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2021-06-03T22:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2021-07-15T22:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2021-08-11T22:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2022-10-31T23:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von HITACHI aufgenommen"
        },
        {
          "date": "2025-02-23T23:00:00.000+00:00",
          "number": "19",
          "summary": "Neue Updates von Red Hat aufgenommen"
        }
      ],
      "status": "final",
      "version": "19"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Hitachi Ops Center",
            "product": {
              "name": "Hitachi Ops Center",
              "product_id": "T017562",
              "product_identification_helper": {
                "cpe": "cpe:/a:hitachi:ops_center:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Hitachi Network Attached Storage",
            "product": {
              "name": "Hitachi Network Attached Storage",
              "product_id": "T011055",
              "product_identification_helper": {
                "cpe": "cpe:/h:hitachi:virtual_storage_platform:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Hitachi"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c7.3.2",
                "product": {
                  "name": "Red Hat JBoss Enterprise Application Platform \u003c7.3.2",
                  "product_id": "130262"
                }
              },
              {
                "category": "product_version",
                "name": "7.3.2",
                "product": {
                  "name": "Red Hat JBoss Enterprise Application Platform 7.3.2",
                  "product_id": "130262-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:4.2.0"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c7.1.9",
                "product": {
                  "name": "Red Hat JBoss Enterprise Application Platform \u003c7.1.9",
                  "product_id": "T041370"
                }
              },
              {
                "category": "product_version",
                "name": "7.1.9",
                "product": {
                  "name": "Red Hat JBoss Enterprise Application Platform 7.1.9",
                  "product_id": "T041370-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.1.9"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "JBoss Enterprise Application Platform"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2019-14900",
      "product_status": {
        "known_affected": [
          "130262",
          "T002207",
          "T041370",
          "67646",
          "T000126",
          "T011055",
          "T017562"
        ]
      },
      "release_date": "2020-08-17T22:00:00.000+00:00",
      "title": "CVE-2019-14900"
    },
    {
      "cve": "CVE-2020-10672",
      "product_status": {
        "known_affected": [
          "130262",
          "T002207",
          "T041370",
          "67646",
          "T000126",
          "T011055",
          "T017562"
        ]
      },
      "release_date": "2020-08-17T22:00:00.000+00:00",
      "title": "CVE-2020-10672"
    },
    {
      "cve": "CVE-2020-10673",
      "product_status": {
        "known_affected": [
          "130262",
          "T002207",
          "T041370",
          "67646",
          "T000126",
          "T011055",
          "T017562"
        ]
      },
      "release_date": "2020-08-17T22:00:00.000+00:00",
      "title": "CVE-2020-10673"
    },
    {
      "cve": "CVE-2020-10683",
      "product_status": {
        "known_affected": [
          "130262",
          "T002207",
          "T041370",
          "67646",
          "T000126",
          "T011055",
          "T017562"
        ]
      },
      "release_date": "2020-08-17T22:00:00.000+00:00",
      "title": "CVE-2020-10683"
    },
    {
      "cve": "CVE-2020-10687",
      "product_status": {
        "known_affected": [
          "130262",
          "T002207",
          "T041370",
          "67646",
          "T000126",
          "T011055",
          "T017562"
        ]
      },
      "release_date": "2020-08-17T22:00:00.000+00:00",
      "title": "CVE-2020-10687"
    },
    {
      "cve": "CVE-2020-10693",
      "product_status": {
        "known_affected": [
          "130262",
          "T002207",
          "T041370",
          "67646",
          "T000126",
          "T011055",
          "T017562"
        ]
      },
      "release_date": "2020-08-17T22:00:00.000+00:00",
      "title": "CVE-2020-10693"
    },
    {
      "cve": "CVE-2020-10714",
      "product_status": {
        "known_affected": [
          "130262",
          "T002207",
          "T041370",
          "67646",
          "T000126",
          "T011055",
          "T017562"
        ]
      },
      "release_date": "2020-08-17T22:00:00.000+00:00",
      "title": "CVE-2020-10714"
    },
    {
      "cve": "CVE-2020-10718",
      "product_status": {
        "known_affected": [
          "130262",
          "T002207",
          "T041370",
          "67646",
          "T000126",
          "T011055",
          "T017562"
        ]
      },
      "release_date": "2020-08-17T22:00:00.000+00:00",
      "title": "CVE-2020-10718"
    },
    {
      "cve": "CVE-2020-10740",
      "product_status": {
        "known_affected": [
          "130262",
          "T002207",
          "T041370",
          "67646",
          "T000126",
          "T011055",
          "T017562"
        ]
      },
      "release_date": "2020-08-17T22:00:00.000+00:00",
      "title": "CVE-2020-10740"
    },
    {
      "cve": "CVE-2020-14297",
      "product_status": {
        "known_affected": [
          "130262",
          "T002207",
          "T041370",
          "67646",
          "T000126",
          "T011055",
          "T017562"
        ]
      },
      "release_date": "2020-08-17T22:00:00.000+00:00",
      "title": "CVE-2020-14297"
    },
    {
      "cve": "CVE-2020-1710",
      "product_status": {
        "known_affected": [
          "130262",
          "T002207",
          "T041370",
          "67646",
          "T000126",
          "T011055",
          "T017562"
        ]
      },
      "release_date": "2020-08-17T22:00:00.000+00:00",
      "title": "CVE-2020-1710"
    },
    {
      "cve": "CVE-2020-1748",
      "product_status": {
        "known_affected": [
          "130262",
          "T002207",
          "T041370",
          "67646",
          "T000126",
          "T011055",
          "T017562"
        ]
      },
      "release_date": "2020-08-17T22:00:00.000+00:00",
      "title": "CVE-2020-1748"
    }
  ]
}

WID-SEC-W-2024-0794

Vulnerability from csaf_certbund - Published: 2024-04-04 22:00 - Updated: 2024-11-27 23:00

Summary

Dell ECS: Mehrere Schwachstellen

Severity

Hoch

Notes

Produktbeschreibung: Dell ECS ist ein Objektspeichersystem.

Angriff: Ein Angreifer kann mehrere Schwachstellen in Dell ECS ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.

Betroffene Betriebssysteme: - Linux - UNIX - Windows

CVE-2018-18074

In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-10663

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-10672

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-10673

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-10735

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-10968

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-10969

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-11111

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-11112

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-11113

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-11612

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-11619

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-11620

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-11979

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-12762

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-12825

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-13956

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-14060

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-14061

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-14062

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-14195

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-15250

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-1945

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-1967

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-1971

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-24616

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-24750

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-25649

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-25658

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-26116

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-26137

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-26541

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-27216

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-27218

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-27223

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-28366

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-28493

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-29509

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-29511

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-29582

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-29651

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-35490

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-35491

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-35728

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-36179

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-36180

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-36181

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-36182

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-36183

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-36184

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-36185

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-36186

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-36187

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-36188

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-36189

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-36516

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-36518

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-36557

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-36558

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-36691

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-7238

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-8840

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-8908

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-8911

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-8912

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-9488

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-9493

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-9546

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-9547

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2020-9548

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-20190

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-20323

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-21290

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-21295

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-21409

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-23840

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-23841

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-2471

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-25642

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-26341

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-27918

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-28153

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-28165

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-28169

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-28861

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-29425

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-30560

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-3114

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-33036

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-33194

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-33195

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-33196

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-33197

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-33503

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-33655

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-33656

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-3424

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-34428

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-3449

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-3450

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-3530

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-36221

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-36373

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-36374

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-3648

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-36690

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-3711

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-3712

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-37136

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-37137

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-37404

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-37533

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-3754

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-3778

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-3796

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-3826

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-3827

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-38297

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-3872

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-3875

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-3903

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-3923

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-3927

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-3928

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-3968

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-3973

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-3974

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-3984

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-4019

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-4037

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-4069

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-4104

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-4136

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-4157

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-4166

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-41771

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-4192

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-4193

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-4203

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-42567

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-43797

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-44531

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-44532

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-44533

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-44716

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-44878

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-45078

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-46195

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-46828

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2021-46848

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-0128

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-0213

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-0225

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-0261

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-0318

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-0319

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-0351

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-0359

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-0361

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-0392

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-0407

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-0413

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-0561

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-0696

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-0778

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-1184

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-1245

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-1271

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-1292

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-1381

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-1420

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-1462

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-1466

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-1471

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-1586

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-1587

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-1616

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-1619

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-1620

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-1679

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-1705

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-1720

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-1729

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-1733

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-1735

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-1771

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-1785

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-1796

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-1851

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-1897

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-1898

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-1927

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-1962

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-1968

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-1974

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-1975

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-20132

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-20141

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-20154

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-20166

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-20368

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-20369

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2047

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2048

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-20567

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2068

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2097

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-21216

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-21233

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2124

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2125

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2126

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2129

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-21363

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-21385

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-21499

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2153

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-21540

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-21541

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-21549

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-21618

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-21619

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-21624

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-21626

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-21628

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-21702

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2175

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2182

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2183

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2206

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2207

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2208

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2210

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2231

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2256

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2257

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2264

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2284

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2285

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2286

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2287

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-22976

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-22978

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2304

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2318

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-23302

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-23305

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-23307

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2343

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2344

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2345

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-23471

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-23521

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-23772

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-23773

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-24302

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-24329

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-24823

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-24903

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2503

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-25147

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-25168

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2519

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2520

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2521

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2522

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-25647

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2571

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2580

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2581

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-25857

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2588

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2598

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-26148

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-26365

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-26373

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2639

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-26612

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2663

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-27781

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-27782

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-27943

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2795

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-28131

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2816

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2817

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2819

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-28327

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2845

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2849

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2862

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2867

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2868

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2869

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-28693

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2874

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-28748

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2880

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2889

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-29162

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-29187

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2923

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2946

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-29526

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-29583

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2964

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2977

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2980

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2982

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-29900

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-29901

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-2991

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3016

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3028

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3037

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-30580

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-30630

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-30631

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-30632

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-30633

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3099

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-31030

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-31159

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3134

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3153

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3169

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-31690

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-32148

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-32149

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-32206

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-32208

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-32221

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3234

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3235

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3239

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3278

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3296

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3297

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-33196

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3324

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3352

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-33740

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-33741

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-33742

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-33972

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-33981

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-34169

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3424

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-34266

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-34526

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-34903

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3491

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3515

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3520

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3521

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3524

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-35252

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3542

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3545

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3564

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3565

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3566

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3567

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-35737

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3586

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3591

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3594

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3597

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3599

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-36109

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3621

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3626

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3627

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3628

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-36280

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3629

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3635

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3643

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-36437

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3646

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3649

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-36760

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-36879

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-36946

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3705

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-37434

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-37436

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-37865

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-37866

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-38090

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-38096

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-38126

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-38127

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-38177

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-38178

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3821

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-38533

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-38749

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-38750

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-38751

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-38752

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-39028

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3903

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-39188

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-39399

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-3970

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-40149

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-40150

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-40151

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-40152

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-40153

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-40303

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-40304

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-40307

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-40674

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-40768

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-40899

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-4095

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-41218

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-4129

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-4141

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-41717

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-41721

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-41848

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-41850

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-41854

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-41858

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-41881

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-41903

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-41915

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-41966

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-41974

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-42003

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-42004

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-42010

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-42011

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-42012

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-42328

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-42329

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-42703

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-42889

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-42895

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-42896

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-42898

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-4292

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-4293

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-42969

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-4304

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-43552

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-43680

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-43750

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-4378

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-43945

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-43995

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-4415

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-4450

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-44638

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-45061

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-45688

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-45884

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-45885

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-45886

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-45887

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-45919

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-45934

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-45939

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-4662

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-46751

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-46908

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-47629

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-47929

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-48281

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-48337

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2022-48339

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-0045

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-0049

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-0051

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-0054

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-0215

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-0286

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-0288

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-0433

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-0464

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-0465

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-0466

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-0512

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-0590

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-0597

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-0833

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-1076

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-1095

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-1118

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-1127

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-1170

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-1175

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-1370

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-1380

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-1390

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-1436

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-1513

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-1611

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-1670

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-1855

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-1989

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-1990

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-1998

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-20862

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-2124

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-2162

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-2176

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-21830

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-21835

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-21843

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-21930

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-21937

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-21938

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-21939

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-2194

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-21954

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-21967

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-21968

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-22490

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-2253

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-22809

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-23454

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-23455

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-23559

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-23916

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-23946

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-24329

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-24532

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-24534

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-2483

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-24998

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-2513

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-25193

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-25652

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-25690

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-25809

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-25815

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-26048

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-26049

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-2650

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-26545

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-26604

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-27533

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-27534

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-27535

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-27536

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-27538

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-27561

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-2828

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-28320

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-28321

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-28322

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-28328

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-28464

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-28486

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-28487

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-28642

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-28772

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-28840

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-28841

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-28842

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-29007

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-29383

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-29402

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-29406

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-29409

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-2976

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-30630

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-30772

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-31084

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-3138

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-31436

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-31484

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-32269

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-32697

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-33264

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-34034

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-34035

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-34453

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-34454

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-34455

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-34462

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-35116

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-3635

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-36479

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-39533

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-40167

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-40217

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-41105

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-41900

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-43642

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-43804

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-44487

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2023-45803

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

CVE-2024-21626

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell ECS <3.8.1.0 Dell / ECS		<3.8.1.0

References

3 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://www.dell.com/support/kbdoc/000223839/dsa-2024-=	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Dell ECS ist ein Objektspeichersystem.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in Dell ECS ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-0794 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0794.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-0794 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0794"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2024-141 vom 2024-04-04",
        "url": "https://www.dell.com/support/kbdoc/000223839/dsa-2024-="
      }
    ],
    "source_lang": "en-US",
    "title": "Dell ECS: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-11-27T23:00:00.000+00:00",
      "generator": {
        "date": "2024-11-28T11:39:04.623+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.8"
        }
      },
      "id": "WID-SEC-W-2024-0794",
      "initial_release_date": "2024-04-04T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-04-04T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-11-27T23:00:00.000+00:00",
          "number": "2",
          "summary": "Produktzuordnung \u00fcberpr\u00fcft"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c3.8.1.0",
                "product": {
                  "name": "Dell ECS \u003c3.8.1.0",
                  "product_id": "T033919"
                }
              },
              {
                "category": "product_version",
                "name": "3.8.1.0",
                "product": {
                  "name": "Dell ECS 3.8.1.0",
                  "product_id": "T033919-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:dell:ecs:3.8.1.0"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "ECS"
          }
        ],
        "category": "vendor",
        "name": "Dell"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-18074",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2018-18074"
    },
    {
      "cve": "CVE-2020-10663",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-10663"
    },
    {
      "cve": "CVE-2020-10672",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-10672"
    },
    {
      "cve": "CVE-2020-10673",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-10673"
    },
    {
      "cve": "CVE-2020-10735",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-10735"
    },
    {
      "cve": "CVE-2020-10968",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-10968"
    },
    {
      "cve": "CVE-2020-10969",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-10969"
    },
    {
      "cve": "CVE-2020-11111",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-11111"
    },
    {
      "cve": "CVE-2020-11112",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-11112"
    },
    {
      "cve": "CVE-2020-11113",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-11113"
    },
    {
      "cve": "CVE-2020-11612",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-11612"
    },
    {
      "cve": "CVE-2020-11619",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-11619"
    },
    {
      "cve": "CVE-2020-11620",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-11620"
    },
    {
      "cve": "CVE-2020-11979",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-11979"
    },
    {
      "cve": "CVE-2020-12762",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-12762"
    },
    {
      "cve": "CVE-2020-12825",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-12825"
    },
    {
      "cve": "CVE-2020-13956",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-13956"
    },
    {
      "cve": "CVE-2020-14060",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-14060"
    },
    {
      "cve": "CVE-2020-14061",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-14061"
    },
    {
      "cve": "CVE-2020-14062",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-14062"
    },
    {
      "cve": "CVE-2020-14195",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-14195"
    },
    {
      "cve": "CVE-2020-15250",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-15250"
    },
    {
      "cve": "CVE-2020-1945",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-1945"
    },
    {
      "cve": "CVE-2020-1967",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-1967"
    },
    {
      "cve": "CVE-2020-1971",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-1971"
    },
    {
      "cve": "CVE-2020-24616",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-24616"
    },
    {
      "cve": "CVE-2020-24750",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-24750"
    },
    {
      "cve": "CVE-2020-25649",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-25649"
    },
    {
      "cve": "CVE-2020-25658",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-25658"
    },
    {
      "cve": "CVE-2020-26116",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-26116"
    },
    {
      "cve": "CVE-2020-26137",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-26137"
    },
    {
      "cve": "CVE-2020-26541",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-26541"
    },
    {
      "cve": "CVE-2020-27216",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-27216"
    },
    {
      "cve": "CVE-2020-27218",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-27218"
    },
    {
      "cve": "CVE-2020-27223",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-27223"
    },
    {
      "cve": "CVE-2020-28366",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-28366"
    },
    {
      "cve": "CVE-2020-28493",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-28493"
    },
    {
      "cve": "CVE-2020-29509",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-29509"
    },
    {
      "cve": "CVE-2020-29511",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-29511"
    },
    {
      "cve": "CVE-2020-29582",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-29582"
    },
    {
      "cve": "CVE-2020-29651",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-29651"
    },
    {
      "cve": "CVE-2020-35490",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-35490"
    },
    {
      "cve": "CVE-2020-35491",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-35491"
    },
    {
      "cve": "CVE-2020-35728",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-35728"
    },
    {
      "cve": "CVE-2020-36179",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-36179"
    },
    {
      "cve": "CVE-2020-36180",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-36180"
    },
    {
      "cve": "CVE-2020-36181",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-36181"
    },
    {
      "cve": "CVE-2020-36182",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-36182"
    },
    {
      "cve": "CVE-2020-36183",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-36183"
    },
    {
      "cve": "CVE-2020-36184",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-36184"
    },
    {
      "cve": "CVE-2020-36185",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-36185"
    },
    {
      "cve": "CVE-2020-36186",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-36186"
    },
    {
      "cve": "CVE-2020-36187",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-36187"
    },
    {
      "cve": "CVE-2020-36188",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-36188"
    },
    {
      "cve": "CVE-2020-36189",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-36189"
    },
    {
      "cve": "CVE-2020-36516",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-36516"
    },
    {
      "cve": "CVE-2020-36518",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-36518"
    },
    {
      "cve": "CVE-2020-36557",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-36557"
    },
    {
      "cve": "CVE-2020-36558",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-36558"
    },
    {
      "cve": "CVE-2020-36691",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-36691"
    },
    {
      "cve": "CVE-2020-7238",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-7238"
    },
    {
      "cve": "CVE-2020-8840",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-8840"
    },
    {
      "cve": "CVE-2020-8908",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-8908"
    },
    {
      "cve": "CVE-2020-8911",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-8911"
    },
    {
      "cve": "CVE-2020-8912",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-8912"
    },
    {
      "cve": "CVE-2020-9488",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-9488"
    },
    {
      "cve": "CVE-2020-9493",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-9493"
    },
    {
      "cve": "CVE-2020-9546",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-9546"
    },
    {
      "cve": "CVE-2020-9547",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-9547"
    },
    {
      "cve": "CVE-2020-9548",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2020-9548"
    },
    {
      "cve": "CVE-2021-20190",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-20190"
    },
    {
      "cve": "CVE-2021-20323",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-20323"
    },
    {
      "cve": "CVE-2021-21290",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-21290"
    },
    {
      "cve": "CVE-2021-21295",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-21295"
    },
    {
      "cve": "CVE-2021-21409",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-21409"
    },
    {
      "cve": "CVE-2021-23840",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-23840"
    },
    {
      "cve": "CVE-2021-23841",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-23841"
    },
    {
      "cve": "CVE-2021-2471",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-2471"
    },
    {
      "cve": "CVE-2021-25642",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-25642"
    },
    {
      "cve": "CVE-2021-26341",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-26341"
    },
    {
      "cve": "CVE-2021-27918",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-27918"
    },
    {
      "cve": "CVE-2021-28153",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-28153"
    },
    {
      "cve": "CVE-2021-28165",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-28165"
    },
    {
      "cve": "CVE-2021-28169",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-28169"
    },
    {
      "cve": "CVE-2021-28861",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-28861"
    },
    {
      "cve": "CVE-2021-29425",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-29425"
    },
    {
      "cve": "CVE-2021-30560",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-30560"
    },
    {
      "cve": "CVE-2021-3114",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-3114"
    },
    {
      "cve": "CVE-2021-33036",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-33036"
    },
    {
      "cve": "CVE-2021-33194",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-33194"
    },
    {
      "cve": "CVE-2021-33195",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-33195"
    },
    {
      "cve": "CVE-2021-33196",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-33196"
    },
    {
      "cve": "CVE-2021-33197",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-33197"
    },
    {
      "cve": "CVE-2021-33503",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-33503"
    },
    {
      "cve": "CVE-2021-33655",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-33655"
    },
    {
      "cve": "CVE-2021-33656",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-33656"
    },
    {
      "cve": "CVE-2021-3424",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-3424"
    },
    {
      "cve": "CVE-2021-34428",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-34428"
    },
    {
      "cve": "CVE-2021-3449",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-3449"
    },
    {
      "cve": "CVE-2021-3450",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-3450"
    },
    {
      "cve": "CVE-2021-3530",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-3530"
    },
    {
      "cve": "CVE-2021-36221",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-36221"
    },
    {
      "cve": "CVE-2021-36373",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-36373"
    },
    {
      "cve": "CVE-2021-36374",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-36374"
    },
    {
      "cve": "CVE-2021-3648",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-3648"
    },
    {
      "cve": "CVE-2021-36690",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-36690"
    },
    {
      "cve": "CVE-2021-3711",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-3711"
    },
    {
      "cve": "CVE-2021-3712",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-3712"
    },
    {
      "cve": "CVE-2021-37136",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-37136"
    },
    {
      "cve": "CVE-2021-37137",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-37137"
    },
    {
      "cve": "CVE-2021-37404",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-37404"
    },
    {
      "cve": "CVE-2021-37533",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-37533"
    },
    {
      "cve": "CVE-2021-3754",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-3754"
    },
    {
      "cve": "CVE-2021-3778",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-3778"
    },
    {
      "cve": "CVE-2021-3796",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-3796"
    },
    {
      "cve": "CVE-2021-3826",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-3826"
    },
    {
      "cve": "CVE-2021-3827",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-3827"
    },
    {
      "cve": "CVE-2021-38297",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-38297"
    },
    {
      "cve": "CVE-2021-3872",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-3872"
    },
    {
      "cve": "CVE-2021-3875",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-3875"
    },
    {
      "cve": "CVE-2021-3903",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-3903"
    },
    {
      "cve": "CVE-2021-3923",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-3923"
    },
    {
      "cve": "CVE-2021-3927",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-3927"
    },
    {
      "cve": "CVE-2021-3928",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-3928"
    },
    {
      "cve": "CVE-2021-3968",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-3968"
    },
    {
      "cve": "CVE-2021-3973",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-3973"
    },
    {
      "cve": "CVE-2021-3974",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-3974"
    },
    {
      "cve": "CVE-2021-3984",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-3984"
    },
    {
      "cve": "CVE-2021-4019",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-4019"
    },
    {
      "cve": "CVE-2021-4037",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-4037"
    },
    {
      "cve": "CVE-2021-4069",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-4069"
    },
    {
      "cve": "CVE-2021-4104",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-4104"
    },
    {
      "cve": "CVE-2021-4136",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-4136"
    },
    {
      "cve": "CVE-2021-4157",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-4157"
    },
    {
      "cve": "CVE-2021-4166",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-4166"
    },
    {
      "cve": "CVE-2021-41771",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-41771"
    },
    {
      "cve": "CVE-2021-4192",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-4192"
    },
    {
      "cve": "CVE-2021-4193",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-4193"
    },
    {
      "cve": "CVE-2021-4203",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-4203"
    },
    {
      "cve": "CVE-2021-42567",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-42567"
    },
    {
      "cve": "CVE-2021-43797",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-43797"
    },
    {
      "cve": "CVE-2021-44531",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-44531"
    },
    {
      "cve": "CVE-2021-44532",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-44532"
    },
    {
      "cve": "CVE-2021-44533",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-44533"
    },
    {
      "cve": "CVE-2021-44716",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-44716"
    },
    {
      "cve": "CVE-2021-44878",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-44878"
    },
    {
      "cve": "CVE-2021-45078",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-45078"
    },
    {
      "cve": "CVE-2021-46195",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-46195"
    },
    {
      "cve": "CVE-2021-46828",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-46828"
    },
    {
      "cve": "CVE-2021-46848",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2021-46848"
    },
    {
      "cve": "CVE-2022-0128",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-0128"
    },
    {
      "cve": "CVE-2022-0213",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-0213"
    },
    {
      "cve": "CVE-2022-0225",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-0225"
    },
    {
      "cve": "CVE-2022-0261",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-0261"
    },
    {
      "cve": "CVE-2022-0318",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-0318"
    },
    {
      "cve": "CVE-2022-0319",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-0319"
    },
    {
      "cve": "CVE-2022-0351",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-0351"
    },
    {
      "cve": "CVE-2022-0359",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-0359"
    },
    {
      "cve": "CVE-2022-0361",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-0361"
    },
    {
      "cve": "CVE-2022-0392",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-0392"
    },
    {
      "cve": "CVE-2022-0407",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-0407"
    },
    {
      "cve": "CVE-2022-0413",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-0413"
    },
    {
      "cve": "CVE-2022-0561",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-0561"
    },
    {
      "cve": "CVE-2022-0696",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-0696"
    },
    {
      "cve": "CVE-2022-0778",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-0778"
    },
    {
      "cve": "CVE-2022-1184",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-1184"
    },
    {
      "cve": "CVE-2022-1245",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-1245"
    },
    {
      "cve": "CVE-2022-1271",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-1271"
    },
    {
      "cve": "CVE-2022-1292",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-1292"
    },
    {
      "cve": "CVE-2022-1381",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-1381"
    },
    {
      "cve": "CVE-2022-1420",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-1420"
    },
    {
      "cve": "CVE-2022-1462",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-1462"
    },
    {
      "cve": "CVE-2022-1466",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-1466"
    },
    {
      "cve": "CVE-2022-1471",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-1471"
    },
    {
      "cve": "CVE-2022-1586",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-1586"
    },
    {
      "cve": "CVE-2022-1587",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-1587"
    },
    {
      "cve": "CVE-2022-1616",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-1616"
    },
    {
      "cve": "CVE-2022-1619",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-1619"
    },
    {
      "cve": "CVE-2022-1620",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-1620"
    },
    {
      "cve": "CVE-2022-1679",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-1679"
    },
    {
      "cve": "CVE-2022-1705",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-1705"
    },
    {
      "cve": "CVE-2022-1720",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-1720"
    },
    {
      "cve": "CVE-2022-1729",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-1729"
    },
    {
      "cve": "CVE-2022-1733",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-1733"
    },
    {
      "cve": "CVE-2022-1735",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-1735"
    },
    {
      "cve": "CVE-2022-1771",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-1771"
    },
    {
      "cve": "CVE-2022-1785",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-1785"
    },
    {
      "cve": "CVE-2022-1796",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-1796"
    },
    {
      "cve": "CVE-2022-1851",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-1851"
    },
    {
      "cve": "CVE-2022-1897",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-1897"
    },
    {
      "cve": "CVE-2022-1898",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-1898"
    },
    {
      "cve": "CVE-2022-1927",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-1927"
    },
    {
      "cve": "CVE-2022-1962",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-1962"
    },
    {
      "cve": "CVE-2022-1968",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-1968"
    },
    {
      "cve": "CVE-2022-1974",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-1974"
    },
    {
      "cve": "CVE-2022-1975",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-1975"
    },
    {
      "cve": "CVE-2022-20132",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-20132"
    },
    {
      "cve": "CVE-2022-20141",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-20141"
    },
    {
      "cve": "CVE-2022-20154",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-20154"
    },
    {
      "cve": "CVE-2022-20166",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-20166"
    },
    {
      "cve": "CVE-2022-20368",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-20368"
    },
    {
      "cve": "CVE-2022-20369",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-20369"
    },
    {
      "cve": "CVE-2022-2047",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2047"
    },
    {
      "cve": "CVE-2022-2048",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2048"
    },
    {
      "cve": "CVE-2022-20567",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-20567"
    },
    {
      "cve": "CVE-2022-2068",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2068"
    },
    {
      "cve": "CVE-2022-2097",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2097"
    },
    {
      "cve": "CVE-2022-21216",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-21216"
    },
    {
      "cve": "CVE-2022-21233",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-21233"
    },
    {
      "cve": "CVE-2022-2124",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2124"
    },
    {
      "cve": "CVE-2022-2125",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2125"
    },
    {
      "cve": "CVE-2022-2126",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2126"
    },
    {
      "cve": "CVE-2022-2129",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2129"
    },
    {
      "cve": "CVE-2022-21363",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-21363"
    },
    {
      "cve": "CVE-2022-21385",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-21385"
    },
    {
      "cve": "CVE-2022-21499",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-21499"
    },
    {
      "cve": "CVE-2022-2153",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2153"
    },
    {
      "cve": "CVE-2022-21540",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-21540"
    },
    {
      "cve": "CVE-2022-21541",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-21541"
    },
    {
      "cve": "CVE-2022-21549",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-21549"
    },
    {
      "cve": "CVE-2022-21618",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-21618"
    },
    {
      "cve": "CVE-2022-21619",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-21619"
    },
    {
      "cve": "CVE-2022-21624",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-21624"
    },
    {
      "cve": "CVE-2022-21626",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-21626"
    },
    {
      "cve": "CVE-2022-21628",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-21628"
    },
    {
      "cve": "CVE-2022-21702",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-21702"
    },
    {
      "cve": "CVE-2022-2175",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2175"
    },
    {
      "cve": "CVE-2022-2182",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2182"
    },
    {
      "cve": "CVE-2022-2183",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2183"
    },
    {
      "cve": "CVE-2022-2206",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2206"
    },
    {
      "cve": "CVE-2022-2207",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2207"
    },
    {
      "cve": "CVE-2022-2208",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2208"
    },
    {
      "cve": "CVE-2022-2210",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2210"
    },
    {
      "cve": "CVE-2022-2231",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2231"
    },
    {
      "cve": "CVE-2022-2256",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2256"
    },
    {
      "cve": "CVE-2022-2257",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2257"
    },
    {
      "cve": "CVE-2022-2264",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2264"
    },
    {
      "cve": "CVE-2022-2284",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2284"
    },
    {
      "cve": "CVE-2022-2285",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2285"
    },
    {
      "cve": "CVE-2022-2286",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2286"
    },
    {
      "cve": "CVE-2022-2287",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2287"
    },
    {
      "cve": "CVE-2022-22976",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-22976"
    },
    {
      "cve": "CVE-2022-22978",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-22978"
    },
    {
      "cve": "CVE-2022-2304",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2304"
    },
    {
      "cve": "CVE-2022-2318",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2318"
    },
    {
      "cve": "CVE-2022-23302",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-23302"
    },
    {
      "cve": "CVE-2022-23305",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-23305"
    },
    {
      "cve": "CVE-2022-23307",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-23307"
    },
    {
      "cve": "CVE-2022-2343",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2343"
    },
    {
      "cve": "CVE-2022-2344",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2344"
    },
    {
      "cve": "CVE-2022-2345",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2345"
    },
    {
      "cve": "CVE-2022-23471",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-23471"
    },
    {
      "cve": "CVE-2022-23521",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-23521"
    },
    {
      "cve": "CVE-2022-23772",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-23772"
    },
    {
      "cve": "CVE-2022-23773",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-23773"
    },
    {
      "cve": "CVE-2022-24302",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-24302"
    },
    {
      "cve": "CVE-2022-24329",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-24329"
    },
    {
      "cve": "CVE-2022-24823",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-24823"
    },
    {
      "cve": "CVE-2022-24903",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-24903"
    },
    {
      "cve": "CVE-2022-2503",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2503"
    },
    {
      "cve": "CVE-2022-25147",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-25147"
    },
    {
      "cve": "CVE-2022-25168",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-25168"
    },
    {
      "cve": "CVE-2022-2519",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2519"
    },
    {
      "cve": "CVE-2022-2520",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2520"
    },
    {
      "cve": "CVE-2022-2521",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2521"
    },
    {
      "cve": "CVE-2022-2522",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2522"
    },
    {
      "cve": "CVE-2022-25647",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-25647"
    },
    {
      "cve": "CVE-2022-2571",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2571"
    },
    {
      "cve": "CVE-2022-2580",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2580"
    },
    {
      "cve": "CVE-2022-2581",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2581"
    },
    {
      "cve": "CVE-2022-25857",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-25857"
    },
    {
      "cve": "CVE-2022-2588",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2588"
    },
    {
      "cve": "CVE-2022-2598",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2598"
    },
    {
      "cve": "CVE-2022-26148",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-26148"
    },
    {
      "cve": "CVE-2022-26365",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-26365"
    },
    {
      "cve": "CVE-2022-26373",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-26373"
    },
    {
      "cve": "CVE-2022-2639",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2639"
    },
    {
      "cve": "CVE-2022-26612",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-26612"
    },
    {
      "cve": "CVE-2022-2663",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2663"
    },
    {
      "cve": "CVE-2022-27781",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-27781"
    },
    {
      "cve": "CVE-2022-27782",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-27782"
    },
    {
      "cve": "CVE-2022-27943",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-27943"
    },
    {
      "cve": "CVE-2022-2795",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2795"
    },
    {
      "cve": "CVE-2022-28131",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-28131"
    },
    {
      "cve": "CVE-2022-2816",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2816"
    },
    {
      "cve": "CVE-2022-2817",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2817"
    },
    {
      "cve": "CVE-2022-2819",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2819"
    },
    {
      "cve": "CVE-2022-28327",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-28327"
    },
    {
      "cve": "CVE-2022-2845",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2845"
    },
    {
      "cve": "CVE-2022-2849",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2849"
    },
    {
      "cve": "CVE-2022-2862",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2862"
    },
    {
      "cve": "CVE-2022-2867",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2867"
    },
    {
      "cve": "CVE-2022-2868",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2868"
    },
    {
      "cve": "CVE-2022-2869",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2869"
    },
    {
      "cve": "CVE-2022-28693",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-28693"
    },
    {
      "cve": "CVE-2022-2874",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2874"
    },
    {
      "cve": "CVE-2022-28748",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-28748"
    },
    {
      "cve": "CVE-2022-2880",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2880"
    },
    {
      "cve": "CVE-2022-2889",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2889"
    },
    {
      "cve": "CVE-2022-29162",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-29162"
    },
    {
      "cve": "CVE-2022-29187",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-29187"
    },
    {
      "cve": "CVE-2022-2923",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2923"
    },
    {
      "cve": "CVE-2022-2946",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2946"
    },
    {
      "cve": "CVE-2022-29526",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-29526"
    },
    {
      "cve": "CVE-2022-29583",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-29583"
    },
    {
      "cve": "CVE-2022-2964",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2964"
    },
    {
      "cve": "CVE-2022-2977",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2977"
    },
    {
      "cve": "CVE-2022-2980",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2980"
    },
    {
      "cve": "CVE-2022-2982",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2982"
    },
    {
      "cve": "CVE-2022-29900",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-29900"
    },
    {
      "cve": "CVE-2022-29901",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-29901"
    },
    {
      "cve": "CVE-2022-2991",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-2991"
    },
    {
      "cve": "CVE-2022-3016",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3016"
    },
    {
      "cve": "CVE-2022-3028",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3028"
    },
    {
      "cve": "CVE-2022-3037",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3037"
    },
    {
      "cve": "CVE-2022-30580",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-30580"
    },
    {
      "cve": "CVE-2022-30630",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-30630"
    },
    {
      "cve": "CVE-2022-30631",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-30631"
    },
    {
      "cve": "CVE-2022-30632",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-30632"
    },
    {
      "cve": "CVE-2022-30633",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-30633"
    },
    {
      "cve": "CVE-2022-3099",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3099"
    },
    {
      "cve": "CVE-2022-31030",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-31030"
    },
    {
      "cve": "CVE-2022-31159",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-31159"
    },
    {
      "cve": "CVE-2022-3134",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3134"
    },
    {
      "cve": "CVE-2022-3153",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3153"
    },
    {
      "cve": "CVE-2022-3169",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3169"
    },
    {
      "cve": "CVE-2022-31690",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-31690"
    },
    {
      "cve": "CVE-2022-32148",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-32148"
    },
    {
      "cve": "CVE-2022-32149",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-32149"
    },
    {
      "cve": "CVE-2022-32206",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-32206"
    },
    {
      "cve": "CVE-2022-32208",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-32208"
    },
    {
      "cve": "CVE-2022-32221",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-32221"
    },
    {
      "cve": "CVE-2022-3234",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3234"
    },
    {
      "cve": "CVE-2022-3235",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3235"
    },
    {
      "cve": "CVE-2022-3239",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3239"
    },
    {
      "cve": "CVE-2022-3278",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3278"
    },
    {
      "cve": "CVE-2022-3296",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3296"
    },
    {
      "cve": "CVE-2022-3297",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3297"
    },
    {
      "cve": "CVE-2022-33196",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-33196"
    },
    {
      "cve": "CVE-2022-3324",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3324"
    },
    {
      "cve": "CVE-2022-3352",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3352"
    },
    {
      "cve": "CVE-2022-33740",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-33740"
    },
    {
      "cve": "CVE-2022-33741",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-33741"
    },
    {
      "cve": "CVE-2022-33742",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-33742"
    },
    {
      "cve": "CVE-2022-33972",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-33972"
    },
    {
      "cve": "CVE-2022-33981",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-33981"
    },
    {
      "cve": "CVE-2022-34169",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-34169"
    },
    {
      "cve": "CVE-2022-3424",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3424"
    },
    {
      "cve": "CVE-2022-34266",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-34266"
    },
    {
      "cve": "CVE-2022-34526",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-34526"
    },
    {
      "cve": "CVE-2022-34903",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-34903"
    },
    {
      "cve": "CVE-2022-3491",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3491"
    },
    {
      "cve": "CVE-2022-3515",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3515"
    },
    {
      "cve": "CVE-2022-3520",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3520"
    },
    {
      "cve": "CVE-2022-3521",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3521"
    },
    {
      "cve": "CVE-2022-3524",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3524"
    },
    {
      "cve": "CVE-2022-35252",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-35252"
    },
    {
      "cve": "CVE-2022-3542",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3542"
    },
    {
      "cve": "CVE-2022-3545",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3545"
    },
    {
      "cve": "CVE-2022-3564",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3564"
    },
    {
      "cve": "CVE-2022-3565",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3565"
    },
    {
      "cve": "CVE-2022-3566",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3566"
    },
    {
      "cve": "CVE-2022-3567",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3567"
    },
    {
      "cve": "CVE-2022-35737",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-35737"
    },
    {
      "cve": "CVE-2022-3586",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3586"
    },
    {
      "cve": "CVE-2022-3591",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3591"
    },
    {
      "cve": "CVE-2022-3594",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3594"
    },
    {
      "cve": "CVE-2022-3597",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3597"
    },
    {
      "cve": "CVE-2022-3599",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3599"
    },
    {
      "cve": "CVE-2022-36109",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-36109"
    },
    {
      "cve": "CVE-2022-3621",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3621"
    },
    {
      "cve": "CVE-2022-3626",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3626"
    },
    {
      "cve": "CVE-2022-3627",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3627"
    },
    {
      "cve": "CVE-2022-3628",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3628"
    },
    {
      "cve": "CVE-2022-36280",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-36280"
    },
    {
      "cve": "CVE-2022-3629",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3629"
    },
    {
      "cve": "CVE-2022-3635",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3635"
    },
    {
      "cve": "CVE-2022-3643",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3643"
    },
    {
      "cve": "CVE-2022-36437",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-36437"
    },
    {
      "cve": "CVE-2022-3646",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3646"
    },
    {
      "cve": "CVE-2022-3649",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3649"
    },
    {
      "cve": "CVE-2022-36760",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-36760"
    },
    {
      "cve": "CVE-2022-36879",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-36879"
    },
    {
      "cve": "CVE-2022-36946",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-36946"
    },
    {
      "cve": "CVE-2022-3705",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3705"
    },
    {
      "cve": "CVE-2022-37434",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-37434"
    },
    {
      "cve": "CVE-2022-37436",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-37436"
    },
    {
      "cve": "CVE-2022-37865",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-37865"
    },
    {
      "cve": "CVE-2022-37866",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-37866"
    },
    {
      "cve": "CVE-2022-38090",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-38090"
    },
    {
      "cve": "CVE-2022-38096",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-38096"
    },
    {
      "cve": "CVE-2022-38126",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-38126"
    },
    {
      "cve": "CVE-2022-38127",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-38127"
    },
    {
      "cve": "CVE-2022-38177",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-38177"
    },
    {
      "cve": "CVE-2022-38178",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-38178"
    },
    {
      "cve": "CVE-2022-3821",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3821"
    },
    {
      "cve": "CVE-2022-38533",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-38533"
    },
    {
      "cve": "CVE-2022-38749",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-38749"
    },
    {
      "cve": "CVE-2022-38750",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-38750"
    },
    {
      "cve": "CVE-2022-38751",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-38751"
    },
    {
      "cve": "CVE-2022-38752",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-38752"
    },
    {
      "cve": "CVE-2022-39028",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-39028"
    },
    {
      "cve": "CVE-2022-3903",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3903"
    },
    {
      "cve": "CVE-2022-39188",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-39188"
    },
    {
      "cve": "CVE-2022-39399",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-39399"
    },
    {
      "cve": "CVE-2022-3970",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-3970"
    },
    {
      "cve": "CVE-2022-40149",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-40149"
    },
    {
      "cve": "CVE-2022-40150",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-40150"
    },
    {
      "cve": "CVE-2022-40151",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-40151"
    },
    {
      "cve": "CVE-2022-40152",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-40152"
    },
    {
      "cve": "CVE-2022-40153",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-40153"
    },
    {
      "cve": "CVE-2022-40303",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-40303"
    },
    {
      "cve": "CVE-2022-40304",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-40304"
    },
    {
      "cve": "CVE-2022-40307",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-40307"
    },
    {
      "cve": "CVE-2022-40674",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-40674"
    },
    {
      "cve": "CVE-2022-40768",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-40768"
    },
    {
      "cve": "CVE-2022-40899",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-40899"
    },
    {
      "cve": "CVE-2022-4095",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-4095"
    },
    {
      "cve": "CVE-2022-41218",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-41218"
    },
    {
      "cve": "CVE-2022-4129",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-4129"
    },
    {
      "cve": "CVE-2022-4141",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-4141"
    },
    {
      "cve": "CVE-2022-41717",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-41717"
    },
    {
      "cve": "CVE-2022-41721",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-41721"
    },
    {
      "cve": "CVE-2022-41848",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-41848"
    },
    {
      "cve": "CVE-2022-41850",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-41850"
    },
    {
      "cve": "CVE-2022-41854",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-41854"
    },
    {
      "cve": "CVE-2022-41858",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-41858"
    },
    {
      "cve": "CVE-2022-41881",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-41881"
    },
    {
      "cve": "CVE-2022-41903",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-41903"
    },
    {
      "cve": "CVE-2022-41915",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-41915"
    },
    {
      "cve": "CVE-2022-41966",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-41966"
    },
    {
      "cve": "CVE-2022-41974",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-41974"
    },
    {
      "cve": "CVE-2022-42003",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-42003"
    },
    {
      "cve": "CVE-2022-42004",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-42004"
    },
    {
      "cve": "CVE-2022-42010",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-42010"
    },
    {
      "cve": "CVE-2022-42011",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-42011"
    },
    {
      "cve": "CVE-2022-42012",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-42012"
    },
    {
      "cve": "CVE-2022-42328",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-42328"
    },
    {
      "cve": "CVE-2022-42329",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-42329"
    },
    {
      "cve": "CVE-2022-42703",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-42703"
    },
    {
      "cve": "CVE-2022-42889",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-42889"
    },
    {
      "cve": "CVE-2022-42895",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-42895"
    },
    {
      "cve": "CVE-2022-42896",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-42896"
    },
    {
      "cve": "CVE-2022-42898",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-42898"
    },
    {
      "cve": "CVE-2022-4292",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-4292"
    },
    {
      "cve": "CVE-2022-4293",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-4293"
    },
    {
      "cve": "CVE-2022-42969",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-42969"
    },
    {
      "cve": "CVE-2022-4304",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-4304"
    },
    {
      "cve": "CVE-2022-43552",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-43552"
    },
    {
      "cve": "CVE-2022-43680",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-43680"
    },
    {
      "cve": "CVE-2022-43750",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-43750"
    },
    {
      "cve": "CVE-2022-4378",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-4378"
    },
    {
      "cve": "CVE-2022-43945",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-43945"
    },
    {
      "cve": "CVE-2022-43995",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-43995"
    },
    {
      "cve": "CVE-2022-4415",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-4415"
    },
    {
      "cve": "CVE-2022-4450",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-4450"
    },
    {
      "cve": "CVE-2022-44638",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-44638"
    },
    {
      "cve": "CVE-2022-45061",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-45061"
    },
    {
      "cve": "CVE-2022-45688",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-45688"
    },
    {
      "cve": "CVE-2022-45884",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-45884"
    },
    {
      "cve": "CVE-2022-45885",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-45885"
    },
    {
      "cve": "CVE-2022-45886",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-45886"
    },
    {
      "cve": "CVE-2022-45887",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-45887"
    },
    {
      "cve": "CVE-2022-45919",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-45919"
    },
    {
      "cve": "CVE-2022-45934",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-45934"
    },
    {
      "cve": "CVE-2022-45939",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-45939"
    },
    {
      "cve": "CVE-2022-4662",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-4662"
    },
    {
      "cve": "CVE-2022-46751",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-46751"
    },
    {
      "cve": "CVE-2022-46908",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-46908"
    },
    {
      "cve": "CVE-2022-47629",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-47629"
    },
    {
      "cve": "CVE-2022-47929",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-47929"
    },
    {
      "cve": "CVE-2022-48281",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-48281"
    },
    {
      "cve": "CVE-2022-48337",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-48337"
    },
    {
      "cve": "CVE-2022-48339",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2022-48339"
    },
    {
      "cve": "CVE-2023-0045",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-0045"
    },
    {
      "cve": "CVE-2023-0049",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-0049"
    },
    {
      "cve": "CVE-2023-0051",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-0051"
    },
    {
      "cve": "CVE-2023-0054",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-0054"
    },
    {
      "cve": "CVE-2023-0215",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-0215"
    },
    {
      "cve": "CVE-2023-0286",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-0286"
    },
    {
      "cve": "CVE-2023-0288",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-0288"
    },
    {
      "cve": "CVE-2023-0433",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-0433"
    },
    {
      "cve": "CVE-2023-0464",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-0464"
    },
    {
      "cve": "CVE-2023-0465",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-0465"
    },
    {
      "cve": "CVE-2023-0466",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-0466"
    },
    {
      "cve": "CVE-2023-0512",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-0512"
    },
    {
      "cve": "CVE-2023-0590",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-0590"
    },
    {
      "cve": "CVE-2023-0597",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-0597"
    },
    {
      "cve": "CVE-2023-0833",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-0833"
    },
    {
      "cve": "CVE-2023-1076",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-1076"
    },
    {
      "cve": "CVE-2023-1095",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-1095"
    },
    {
      "cve": "CVE-2023-1118",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-1118"
    },
    {
      "cve": "CVE-2023-1127",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-1127"
    },
    {
      "cve": "CVE-2023-1170",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-1170"
    },
    {
      "cve": "CVE-2023-1175",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-1175"
    },
    {
      "cve": "CVE-2023-1370",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-1370"
    },
    {
      "cve": "CVE-2023-1380",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-1380"
    },
    {
      "cve": "CVE-2023-1390",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-1390"
    },
    {
      "cve": "CVE-2023-1436",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-1436"
    },
    {
      "cve": "CVE-2023-1513",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-1513"
    },
    {
      "cve": "CVE-2023-1611",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-1611"
    },
    {
      "cve": "CVE-2023-1670",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-1670"
    },
    {
      "cve": "CVE-2023-1855",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-1855"
    },
    {
      "cve": "CVE-2023-1989",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-1989"
    },
    {
      "cve": "CVE-2023-1990",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-1990"
    },
    {
      "cve": "CVE-2023-1998",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-1998"
    },
    {
      "cve": "CVE-2023-20862",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-20862"
    },
    {
      "cve": "CVE-2023-2124",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-2124"
    },
    {
      "cve": "CVE-2023-2162",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-2162"
    },
    {
      "cve": "CVE-2023-2176",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-2176"
    },
    {
      "cve": "CVE-2023-21830",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-21830"
    },
    {
      "cve": "CVE-2023-21835",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-21835"
    },
    {
      "cve": "CVE-2023-21843",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-21843"
    },
    {
      "cve": "CVE-2023-21930",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-21930"
    },
    {
      "cve": "CVE-2023-21937",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-21937"
    },
    {
      "cve": "CVE-2023-21938",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-21938"
    },
    {
      "cve": "CVE-2023-21939",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-21939"
    },
    {
      "cve": "CVE-2023-2194",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-2194"
    },
    {
      "cve": "CVE-2023-21954",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-21954"
    },
    {
      "cve": "CVE-2023-21967",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-21967"
    },
    {
      "cve": "CVE-2023-21968",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-21968"
    },
    {
      "cve": "CVE-2023-22490",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-22490"
    },
    {
      "cve": "CVE-2023-2253",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-2253"
    },
    {
      "cve": "CVE-2023-22809",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-22809"
    },
    {
      "cve": "CVE-2023-23454",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-23454"
    },
    {
      "cve": "CVE-2023-23455",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-23455"
    },
    {
      "cve": "CVE-2023-23559",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-23559"
    },
    {
      "cve": "CVE-2023-23916",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-23916"
    },
    {
      "cve": "CVE-2023-23946",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-23946"
    },
    {
      "cve": "CVE-2023-24329",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-24329"
    },
    {
      "cve": "CVE-2023-24532",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-24532"
    },
    {
      "cve": "CVE-2023-24534",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-24534"
    },
    {
      "cve": "CVE-2023-2483",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-2483"
    },
    {
      "cve": "CVE-2023-24998",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-24998"
    },
    {
      "cve": "CVE-2023-2513",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-2513"
    },
    {
      "cve": "CVE-2023-25193",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-25193"
    },
    {
      "cve": "CVE-2023-25652",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-25652"
    },
    {
      "cve": "CVE-2023-25690",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-25690"
    },
    {
      "cve": "CVE-2023-25809",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-25809"
    },
    {
      "cve": "CVE-2023-25815",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-25815"
    },
    {
      "cve": "CVE-2023-26048",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-26048"
    },
    {
      "cve": "CVE-2023-26049",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-26049"
    },
    {
      "cve": "CVE-2023-2650",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-2650"
    },
    {
      "cve": "CVE-2023-26545",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-26545"
    },
    {
      "cve": "CVE-2023-26604",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-26604"
    },
    {
      "cve": "CVE-2023-27533",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-27533"
    },
    {
      "cve": "CVE-2023-27534",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-27534"
    },
    {
      "cve": "CVE-2023-27535",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-27535"
    },
    {
      "cve": "CVE-2023-27536",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-27536"
    },
    {
      "cve": "CVE-2023-27538",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-27538"
    },
    {
      "cve": "CVE-2023-27561",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-27561"
    },
    {
      "cve": "CVE-2023-2828",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-2828"
    },
    {
      "cve": "CVE-2023-28320",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-28320"
    },
    {
      "cve": "CVE-2023-28321",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-28321"
    },
    {
      "cve": "CVE-2023-28322",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-28322"
    },
    {
      "cve": "CVE-2023-28328",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-28328"
    },
    {
      "cve": "CVE-2023-28464",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-28464"
    },
    {
      "cve": "CVE-2023-28486",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-28486"
    },
    {
      "cve": "CVE-2023-28487",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-28487"
    },
    {
      "cve": "CVE-2023-28642",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-28642"
    },
    {
      "cve": "CVE-2023-28772",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-28772"
    },
    {
      "cve": "CVE-2023-28840",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-28840"
    },
    {
      "cve": "CVE-2023-28841",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-28841"
    },
    {
      "cve": "CVE-2023-28842",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-28842"
    },
    {
      "cve": "CVE-2023-29007",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-29007"
    },
    {
      "cve": "CVE-2023-29383",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-29383"
    },
    {
      "cve": "CVE-2023-29402",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-29402"
    },
    {
      "cve": "CVE-2023-29406",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-29406"
    },
    {
      "cve": "CVE-2023-29409",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-29409"
    },
    {
      "cve": "CVE-2023-2976",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-2976"
    },
    {
      "cve": "CVE-2023-30630",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-30630"
    },
    {
      "cve": "CVE-2023-30772",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-30772"
    },
    {
      "cve": "CVE-2023-31084",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-31084"
    },
    {
      "cve": "CVE-2023-3138",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-3138"
    },
    {
      "cve": "CVE-2023-31436",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-31436"
    },
    {
      "cve": "CVE-2023-31484",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-31484"
    },
    {
      "cve": "CVE-2023-32269",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-32269"
    },
    {
      "cve": "CVE-2023-32697",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-32697"
    },
    {
      "cve": "CVE-2023-33264",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-33264"
    },
    {
      "cve": "CVE-2023-34034",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-34034"
    },
    {
      "cve": "CVE-2023-34035",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-34035"
    },
    {
      "cve": "CVE-2023-34453",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-34453"
    },
    {
      "cve": "CVE-2023-34454",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-34454"
    },
    {
      "cve": "CVE-2023-34455",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-34455"
    },
    {
      "cve": "CVE-2023-34462",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-34462"
    },
    {
      "cve": "CVE-2023-35116",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-35116"
    },
    {
      "cve": "CVE-2023-3635",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-3635"
    },
    {
      "cve": "CVE-2023-36479",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-36479"
    },
    {
      "cve": "CVE-2023-39533",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-39533"
    },
    {
      "cve": "CVE-2023-40167",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-40167"
    },
    {
      "cve": "CVE-2023-40217",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-40217"
    },
    {
      "cve": "CVE-2023-41105",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-41105"
    },
    {
      "cve": "CVE-2023-41900",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-41900"
    },
    {
      "cve": "CVE-2023-43642",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-43642"
    },
    {
      "cve": "CVE-2023-43804",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-43804"
    },
    {
      "cve": "CVE-2023-44487",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-44487"
    },
    {
      "cve": "CVE-2023-45803",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2023-45803"
    },
    {
      "cve": "CVE-2024-21626",
      "notes": [
        {
          "category": "description",
          "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033919"
        ]
      },
      "release_date": "2024-04-04T22:00:00.000+00:00",
      "title": "CVE-2024-21626"
    }
  ]
}

WID-SEC-W-2024-2181

Vulnerability from csaf_certbund - Published: 2020-07-14 22:00 - Updated: 2024-09-18 22:00

Summary

Oracle Fusion Middleware: Mehrere Schwachstellen

Severity

Kritisch

Notes

Produktbeschreibung: Oracle Fusion Middleware bündelt mehrere Produkte zur Erstellung, Betrieb und Management von intelligenten Business Anwendungen.

Angriff: Ein Angreifer kann mehrere Schwachstellen in Oracle Fusion Middleware ausnutzen, um die Verfügbarkeit, Vertraulichkeit und Integrität zu gefährden.

Betroffene Betriebssysteme: - Linux - UNIX - Windows

CVE-2017-5645

In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verfügbarkeit, Vertraulichkeit und Integrität gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "High" für "Availability", "Confidentiality" und "Integrity" und bewirkt damit eine "hohe" Schadenshöhe.

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2018-11058

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2018-6616

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2018-8032

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2019-0227

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2019-12415

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2019-12973

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2019-14862

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2019-16943

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2019-17267

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2019-17359

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2019-17531

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2019-17571

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2019-20330

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-10650

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-10672

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-10673

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-10968

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-10969

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-11111

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-11112

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-11113

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-11619

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-11620

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-14530

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-14548

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-14552

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-14557

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-14565

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-14570

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-14571

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-14572

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-14584

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-14585

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-14588

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-14589

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-14607

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-14608

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-14609

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-14611

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-14613

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-14622

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-14625

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-14626

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-14636

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-14637

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-14638

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-14639

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-14640

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-14642

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-14644

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-14645

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-14652

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-14655

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-14687

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-14690

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-14696

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-14723

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-1941

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-1945

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-2966

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-2967

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-5397

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-5398

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-6851

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-8112

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-9488

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-9546

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-9547

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

CVE-2020-9548

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Oracle Fusion Middleware Oracle	`cpe:/a:oracle:fusion_middleware:-`	—

References

4 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://www.oracle.com/security-alerts/cpujul2020…	external
https://www.cisa.gov/news-events/alerts/2024/09/1…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "kritisch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Oracle Fusion Middleware b\u00fcndelt mehrere Produkte zur Erstellung, Betrieb und Management von intelligenten Business Anwendungen.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in Oracle Fusion Middleware ausnutzen, um die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t zu gef\u00e4hrden.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-2181 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2020/wid-sec-w-2024-2181.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-2181 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-2181"
      },
      {
        "category": "external",
        "summary": "Oracle Critical Patch Update Advisory - July 2020 vom 2020-07-14",
        "url": "https://www.oracle.com/security-alerts/cpujul2020.html#AppendixFMW"
      },
      {
        "category": "external",
        "summary": "CISA Known Exploited Vulnerabilities Catalog vom 2024-09-18",
        "url": "https://www.cisa.gov/news-events/alerts/2024/09/18/cisa-adds-five-known-exploited-vulnerabilities-catalog"
      }
    ],
    "source_lang": "en-US",
    "title": "Oracle Fusion Middleware: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-09-18T22:00:00.000+00:00",
      "generator": {
        "date": "2024-09-19T08:07:01.724+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.8"
        }
      },
      "id": "WID-SEC-W-2024-2181",
      "initial_release_date": "2020-07-14T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2020-07-14T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-09-18T22:00:00.000+00:00",
          "number": "2",
          "summary": "Aktive Ausnutzung gemeldet"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Fusion Middleware",
            "product": {
              "name": "Oracle Fusion Middleware",
              "product_id": "T006198",
              "product_identification_helper": {
                "cpe": "cpe:/a:oracle:fusion_middleware:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-5645",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2017-5645"
    },
    {
      "cve": "CVE-2018-11058",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2018-11058"
    },
    {
      "cve": "CVE-2018-6616",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2018-6616"
    },
    {
      "cve": "CVE-2018-8032",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2018-8032"
    },
    {
      "cve": "CVE-2019-0227",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2019-0227"
    },
    {
      "cve": "CVE-2019-12415",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2019-12415"
    },
    {
      "cve": "CVE-2019-12973",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2019-12973"
    },
    {
      "cve": "CVE-2019-14862",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2019-14862"
    },
    {
      "cve": "CVE-2019-16943",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2019-16943"
    },
    {
      "cve": "CVE-2019-17267",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2019-17267"
    },
    {
      "cve": "CVE-2019-17359",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2019-17359"
    },
    {
      "cve": "CVE-2019-17531",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2019-17531"
    },
    {
      "cve": "CVE-2019-17571",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2019-17571"
    },
    {
      "cve": "CVE-2019-20330",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2019-20330"
    },
    {
      "cve": "CVE-2020-10650",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-10650"
    },
    {
      "cve": "CVE-2020-10672",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-10672"
    },
    {
      "cve": "CVE-2020-10673",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-10673"
    },
    {
      "cve": "CVE-2020-10968",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-10968"
    },
    {
      "cve": "CVE-2020-10969",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-10969"
    },
    {
      "cve": "CVE-2020-11111",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-11111"
    },
    {
      "cve": "CVE-2020-11112",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-11112"
    },
    {
      "cve": "CVE-2020-11113",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-11113"
    },
    {
      "cve": "CVE-2020-11619",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-11619"
    },
    {
      "cve": "CVE-2020-11620",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-11620"
    },
    {
      "cve": "CVE-2020-14530",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-14530"
    },
    {
      "cve": "CVE-2020-14548",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-14548"
    },
    {
      "cve": "CVE-2020-14552",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-14552"
    },
    {
      "cve": "CVE-2020-14557",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-14557"
    },
    {
      "cve": "CVE-2020-14565",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-14565"
    },
    {
      "cve": "CVE-2020-14570",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-14570"
    },
    {
      "cve": "CVE-2020-14571",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-14571"
    },
    {
      "cve": "CVE-2020-14572",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-14572"
    },
    {
      "cve": "CVE-2020-14584",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-14584"
    },
    {
      "cve": "CVE-2020-14585",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-14585"
    },
    {
      "cve": "CVE-2020-14588",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-14588"
    },
    {
      "cve": "CVE-2020-14589",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-14589"
    },
    {
      "cve": "CVE-2020-14607",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-14607"
    },
    {
      "cve": "CVE-2020-14608",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-14608"
    },
    {
      "cve": "CVE-2020-14609",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-14609"
    },
    {
      "cve": "CVE-2020-14611",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-14611"
    },
    {
      "cve": "CVE-2020-14613",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-14613"
    },
    {
      "cve": "CVE-2020-14622",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-14622"
    },
    {
      "cve": "CVE-2020-14625",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-14625"
    },
    {
      "cve": "CVE-2020-14626",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-14626"
    },
    {
      "cve": "CVE-2020-14636",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-14636"
    },
    {
      "cve": "CVE-2020-14637",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-14637"
    },
    {
      "cve": "CVE-2020-14638",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-14638"
    },
    {
      "cve": "CVE-2020-14639",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-14639"
    },
    {
      "cve": "CVE-2020-14640",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-14640"
    },
    {
      "cve": "CVE-2020-14642",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-14642"
    },
    {
      "cve": "CVE-2020-14644",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-14644"
    },
    {
      "cve": "CVE-2020-14645",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-14645"
    },
    {
      "cve": "CVE-2020-14652",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-14652"
    },
    {
      "cve": "CVE-2020-14655",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-14655"
    },
    {
      "cve": "CVE-2020-14687",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-14687"
    },
    {
      "cve": "CVE-2020-14690",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-14690"
    },
    {
      "cve": "CVE-2020-14696",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-14696"
    },
    {
      "cve": "CVE-2020-14723",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-14723"
    },
    {
      "cve": "CVE-2020-1941",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-1941"
    },
    {
      "cve": "CVE-2020-1945",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-1945"
    },
    {
      "cve": "CVE-2020-2966",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-2966"
    },
    {
      "cve": "CVE-2020-2967",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-2967"
    },
    {
      "cve": "CVE-2020-5397",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-5397"
    },
    {
      "cve": "CVE-2020-5398",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-5398"
    },
    {
      "cve": "CVE-2020-6851",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-6851"
    },
    {
      "cve": "CVE-2020-8112",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-8112"
    },
    {
      "cve": "CVE-2020-9488",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-9488"
    },
    {
      "cve": "CVE-2020-9546",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-9546"
    },
    {
      "cve": "CVE-2020-9547",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-9547"
    },
    {
      "cve": "CVE-2020-9548",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen in den Produkten Oracle WebCenter Portal, Oracle WebLogic Server, Oracle Endeca Information Discovery Studio, Oracle Enterprise Repository, Oracle Outside In Technology, Oracle Business Intelligence Enterprise Edition, Oracle BI Publisher, Oracle Fusion Middleware MapViewer, Oracle Help Technologies, Oracle Unified Directory, Oracle Business Process Management Suite, Oracle Coherence, Oracle Security Service und Oracle WebCenter Sites. Durch Ausnutzung dieser Schwachstellen kann ein entfernter Angreifer die Verf\u00fcgbarkeit, Vertraulichkeit und Integrit\u00e4t gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion und keine Authentisierung notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Availability\", \"Confidentiality\" und \"Integrity\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006198"
        ]
      },
      "release_date": "2020-07-14T22:00:00.000+00:00",
      "title": "CVE-2020-9548"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Vendor	Product	Version
debian	debian_linux	Affected: 8.0 cpe:2.3:o:debian:debian_linux:8.0:::::::*
netapp	steelstore_cloud_integrated_storage	Affected: * cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::*
oracle	agile_plm	Affected: 9.3.6 cpe:2.3:a:oracle:agile_plm:9.3.6:::::::*
oracle	autovue_for_agile_product_lifecycle_management	Affected: 21.0.2 cpe:2.3:a:oracle:autovue_for_agile_product_lifecycle_management:21.0.2:::::::*
oracle	banking_digital_experience	Affected: 18.1 , ≤ 18.3 (custom) Affected: 19.1 , ≤ 19.2 (custom) Affected: 20.1 Affected: 2.4.0 , ≤ 2.9.0 (custom) cpe:2.3:a:oracle:banking_digital_experience::::::::
oracle	communications_calendar_server	Affected: 8.0.0.4.0 , ≤ 8.0.0.5.0 (custom) cpe:2.3:a:oracle:communications_calendar_server:8.0.0.4.0:::::::*
oracle	communications_diameter_signaling_router	Affected: 8.0.0 , ≤ 8.2.2 (custom) cpe:2.3:a:oracle:communications_diameter_signaling_router:-:::::::*
oracle	communications_element_manager	Affected: 8.2.0 , ≤ 8.2.2 (custom) cpe:2.3:a:oracle:communications_element_manager::::::::
oracle	communications_evolved_communications_application_server	Affected: 7.1 cpe:2.3:a:oracle:communications_evolved_communications_application_server:7.1:::::::*
oracle	communications_instant_messaging_server	Affected: 10.0.1.4.0 cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.4.0:::::::*
oracle	communications_network_charging_and_control	Affected: 6.0.1 cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1:::::::*
oracle	communications_network_charging_and_control	Affected: 12.0.0 , ≤ 12.0.3 (custom) cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.0:::::::*
oracle	communications_session_route_manager	Affected: 8.2.0 , ≤ 8.2.2 (custom) cpe:2.3:a:oracle:communications_session_route_manager:-:::::::*
oracle	enterprise_manager_base_platform	Affected: 13.3.0.0 , ≤ 13.4.0.0 (custom) cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3.0.0:::::::*
oracle	financial_services_analytical_applications_infrastructure	Affected: 8.0.6 , ≤ 8.1.0 (custom) cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.6:::::::*
oracle	financial_services_institutional_performance_analytics	Affected: 8.0.6 Affected: 8.0.7 Affected: 8.1.0 cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.6:::::::*
oracle	financial_services_price_creation_and_discovery	Affected: 8.0.6 , ≤ 8.0.7 (custom) cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.6:::::::*
oracle	financial_services_retail_customer_analytics	Affected: 8.0.6 cpe:2.3:a:oracle:financial_services_retail_customer_analytics:8.0.6:::::::*
oracle	global_lifecycle_management_opatch	Affected: 0 , ≤ 12.2.0.1.20 (custom) cpe:2.3:a:oracle:global_lifecycle_management_opatch::::::::
oracle	insurance_policy_administration_j2ee	Affected: 11.0.2.25 , < 11.1.0.15 (custom) cpe:2.3:a:oracle:insurance_policy_administration_j2ee::::::::
oracle	jd_edwards_enterpriseone_orchestrator	Affected: 0 , ≤ 9.2.4.2 (custom) cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:-:::::::*
oracle	primavera_unifier	Affected: 16.1 Affected: 16.2 Affected: 17.7 , ≤ 17.12 (custom) Affected: 18.8 Affected: 19.12 cpe:2.3:a:oracle:primavera_unifier::::::::
oracle	retail_merchandising_system	Affected: 15.0 cpe:2.3:a:oracle:retail_merchandising_system:15.0:::::::*
oracle	retail_sales_audit	Affected: 14.1 cpe:2.3:a:oracle:retail_sales_audit:14.1:::::::*
oracle	retail_service_backbone	Affected: 14.1 Affected: 15.0 Affected: 16.0 cpe:2.3:a:oracle:retail_service_backbone::::::::
oracle	retail_xstore_point_of_service	Affected: 15.0 , ≤ 19.0 (custom) cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0:::::::*
oracle	weblogic_server	Affected: 12.2.1.3.0 , ≤ 12.2.1.4.0 (custom) cpe:2.3:a:oracle:weblogic_server::::::::
fasterxml	jackson-databind	Affected: 2.0.0 , < 2.9.10.4 (custom) cpe:2.3:a:fasterxml:jackson-databind:2.0.0:::::::*

Action not permitted

CVE-2020-10672 (GCVE-0-2020-10672)

RHSA-2025:1746

VAR-202003-1779

WID-SEC-W-2022-1912

WID-SEC-W-2024-0794

WID-SEC-W-2024-2181

Tags

Sightings

Nomenclature