Vulnerability-Lookup

CVE-2024-38809 (GCVE-0-2024-38809)

Vulnerability from cvelistv5 – Published: 2024-09-27 16:39 – Updated: 2024-09-27 19:19

Summary

Applications that parse ETags from "If-Match" or "If-None-Match" request headers are vulnerable to DoS attack. Users of affected versions should upgrade to the corresponding fixed version. Users of older, unsupported versions could enforce a size limit on "If-Match" and "If-None-Match" headers, e.g. through a Filter.

Severity

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

Spring Framework DoS via conditional HTTP request
CWE-400 - Uncontrolled Resource Consumption

Assigner

vmware

References

2 references

URL	Tags
https://spring.io/security/cve-2024-38809
https://security.netapp.com/advisory/ntap-2024092…

Impacted products

2 products

Vendor	Product	Version
N/A	Spring Framework	Affected: 6.1.0 - 6.1.11, 6.0.0 - 6.0.22, 5.3.0 - 5.3.37
vmware	spring_framework	Affected: 6.1.0 , ≤ 6.1.11 (custom) Affected: 6.0.0 , ≤ 6.0.22 (custom) Affected: 5.3.0 , ≤ 5.3.37 (custom) cpe:2.3:a:vmware:spring_framework::::::::

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-09-27T17:03:10.001Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://security.netapp.com/advisory/ntap-20240920-0003/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "spring_framework",
            "vendor": "vmware",
            "versions": [
              {
                "lessThanOrEqual": "6.1.11",
                "status": "affected",
                "version": "6.1.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "6.0.22",
                "status": "affected",
                "version": "6.0.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "5.3.37",
                "status": "affected",
                "version": "5.3.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-38809",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-27T18:49:57.837165Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-400",
                "description": "CWE-400 Uncontrolled Resource Consumption",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-27T19:19:01.160Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Spring Framework",
          "vendor": "N/A",
          "versions": [
            {
              "status": "affected",
              "version": "6.1.0 - 6.1.11, 6.0.0 - 6.0.22, 5.3.0 - 5.3.37"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Applications that parse ETags from \"If-Match\" or \"If-None-Match\" request headers are vulnerable to DoS attack.\u003cbr\u003e\u003cbr\u003eUsers of affected versions should upgrade to the corresponding fixed version.\u003cbr\u003e\u003cbr\u003eUsers of older, unsupported versions could enforce a size limit on \"If-Match\" and \"If-None-Match\" headers, e.g. through a Filter.\u003cbr\u003e\u003cbr\u003e"
            }
          ],
          "value": "Applications that parse ETags from \"If-Match\" or \"If-None-Match\" request headers are vulnerable to DoS attack.\n\nUsers of affected versions should upgrade to the corresponding fixed version.\n\nUsers of older, unsupported versions could enforce a size limit on \"If-Match\" and \"If-None-Match\" headers, e.g. through a Filter."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Spring Framework DoS via conditional HTTP request",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-27T16:39:52.644Z",
        "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "shortName": "vmware"
      },
      "references": [
        {
          "url": "https://spring.io/security/cve-2024-38809"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
    "assignerShortName": "vmware",
    "cveId": "CVE-2024-38809",
    "datePublished": "2024-09-27T16:39:52.644Z",
    "dateReserved": "2024-06-19T22:31:57.187Z",
    "dateUpdated": "2024-09-27T19:19:01.160Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2024-38809",
      "date": "2026-06-05",
      "epss": "0.0014",
      "percentile": "0.33901"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-38809\",\"sourceIdentifier\":\"security@vmware.com\",\"published\":\"2024-09-27T17:15:12.393\",\"lastModified\":\"2024-11-21T09:26:51.010\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Applications that parse ETags from \\\"If-Match\\\" or \\\"If-None-Match\\\" request headers are vulnerable to DoS attack.\\n\\nUsers of affected versions should upgrade to the corresponding fixed version.\\n\\nUsers of older, unsupported versions could enforce a size limit on \\\"If-Match\\\" and \\\"If-None-Match\\\" headers, e.g. through a Filter.\"},{\"lang\":\"es\",\"value\":\"Las aplicaciones que analizan ETags de los encabezados de solicitud \\\"If-Match\\\" o \\\"If-None-Match\\\" son vulnerables a ataques DoS. Los usuarios de las versiones afectadas deben actualizar a la versi\u00f3n corregida correspondiente. Los usuarios de versiones anteriores no compatibles podr\u00edan imponer un l\u00edmite de tama\u00f1o en los encabezados \\\"If-Match\\\" y \\\"If-None-Match\\\", por ejemplo, a trav\u00e9s de un filtro.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@vmware.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]}],\"references\":[{\"url\":\"https://spring.io/security/cve-2024-38809\",\"source\":\"security@vmware.com\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20240920-0003/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://security.netapp.com/advisory/ntap-20240920-0003/\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-09-27T17:03:10.001Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-38809\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-27T18:49:57.837165Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*\"], \"vendor\": \"vmware\", \"product\": \"spring_framework\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.1.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"6.1.11\"}, {\"status\": \"affected\", \"version\": \"6.0.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"6.0.22\"}, {\"status\": \"affected\", \"version\": \"5.3.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"5.3.37\"}], \"defaultStatus\": \"unknown\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-400\", \"description\": \"CWE-400 Uncontrolled Resource Consumption\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-27T19:11:07.606Z\"}}], \"cna\": {\"source\": {\"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"N/A\", \"product\": \"Spring Framework\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.1.0 - 6.1.11, 6.0.0 - 6.0.22, 5.3.0 - 5.3.37\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://spring.io/security/cve-2024-38809\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Applications that parse ETags from \\\"If-Match\\\" or \\\"If-None-Match\\\" request headers are vulnerable to DoS attack.\\n\\nUsers of affected versions should upgrade to the corresponding fixed version.\\n\\nUsers of older, unsupported versions could enforce a size limit on \\\"If-Match\\\" and \\\"If-None-Match\\\" headers, e.g. through a Filter.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Applications that parse ETags from \\\"If-Match\\\" or \\\"If-None-Match\\\" request headers are vulnerable to DoS attack.\u003cbr\u003e\u003cbr\u003eUsers of affected versions should upgrade to the corresponding fixed version.\u003cbr\u003e\u003cbr\u003eUsers of older, unsupported versions could enforce a size limit on \\\"If-Match\\\" and \\\"If-None-Match\\\" headers, e.g. through a Filter.\u003cbr\u003e\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"Spring Framework DoS via conditional HTTP request\"}]}], \"providerMetadata\": {\"orgId\": \"dcf2e128-44bd-42ed-91e8-88f912c1401d\", \"shortName\": \"vmware\", \"dateUpdated\": \"2024-09-27T16:39:52.644Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-38809\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-09-27T19:19:01.160Z\", \"dateReserved\": \"2024-06-19T22:31:57.187Z\", \"assignerOrgId\": \"dcf2e128-44bd-42ed-91e8-88f912c1401d\", \"datePublished\": \"2024-09-27T16:39:52.644Z\", \"assignerShortName\": \"vmware\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

GHSA-2RMJ-MQ67-H97G

Vulnerability from github – Published: 2024-09-24 18:34 – Updated: 2025-02-21 15:15

Summary

Spring Framework DoS via conditional HTTP request

Details

Description

Applications that parse ETags from If-Match or If-None-Match request headers are vulnerable to DoS attack.

Affected Spring Products and Versions

org.springframework:spring-web in versions

6.1.0 through 6.1.11 6.0.0 through 6.0.22 5.3.0 through 5.3.37

Older, unsupported versions are also affected

Mitigation

Users of affected versions should upgrade to the corresponding fixed version. 6.1.x -> 6.1.12 6.0.x -> 6.0.23 5.3.x -> 5.3.38 No other mitigation steps are necessary.

Users of older, unsupported versions could enforce a size limit on If-Match and If-None-Match headers, e.g. through a Filter.

Severity

5.3 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.springframework:spring-web"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.3.38"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.springframework:spring-web"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "6.0.0"
            },
            {
              "fixed": "6.0.23"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.springframework:spring-web"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "6.1.0"
            },
            {
              "fixed": "6.1.12"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-38809"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1333",
      "CWE-400"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-09-24T18:34:43Z",
    "nvd_published_at": "2024-09-27T17:15:12Z",
    "severity": "MODERATE"
  },
  "details": "### Description\nApplications that parse ETags from `If-Match` or `If-None-Match` request headers are vulnerable to DoS attack.\n\n### Affected Spring Products and Versions\norg.springframework:spring-web in versions \n\n6.1.0 through 6.1.11\n6.0.0 through 6.0.22\n5.3.0 through 5.3.37\n\nOlder, unsupported versions are also affected\n\n### Mitigation\nUsers of affected versions should upgrade to the corresponding fixed version.\n6.1.x -\u003e 6.1.12\n6.0.x -\u003e 6.0.23\n5.3.x -\u003e 5.3.38\nNo other mitigation steps are necessary.\n\nUsers of older, unsupported versions could enforce a size limit on `If-Match` and `If-None-Match` headers, e.g. through a Filter.",
  "id": "GHSA-2rmj-mq67-h97g",
  "modified": "2025-02-21T15:15:57Z",
  "published": "2024-09-24T18:34:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38809"
    },
    {
      "type": "WEB",
      "url": "https://github.com/spring-projects/spring-framework/issues/33372"
    },
    {
      "type": "WEB",
      "url": "https://github.com/spring-projects/spring-framework/commit/582bfccbb72e5c8959a0b472d1dc7d03a20520f3"
    },
    {
      "type": "WEB",
      "url": "https://github.com/spring-projects/spring-framework/commit/8d16a50907c11f7e6b407d878a26e84eba08a533"
    },
    {
      "type": "WEB",
      "url": "https://github.com/spring-projects/spring-framework/commit/bb17ad8314b81850a939fd265fb53b3361705e85"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/spring-projects/spring-framework"
    },
    {
      "type": "WEB",
      "url": "https://spring.io/security/cve-2024-38809"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Spring Framework DoS via conditional HTTP request"
}

NCSC-2024-0418

Vulnerability from csaf_ncscnl - Published: 2024-10-17 13:19 - Updated: 2024-10-17 13:19

Summary

Kwetsbaarheden verholpen in Oracle Analytics

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten: Oracle heeft kwetsbaarheden verholpen in Analytics producten.

Interpretaties: Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade: - Denial-of-Service - Manipuleren van data - Uitvoer van willekeurige code (Gebruikersrechten) - Uitvoer van willekeurige code (Administratorrechten) - Toegang tot gevoelige gegevens

Oplossingen: Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans: medium

Schade: high

CWE-606: Unchecked Input for Loop Condition

CWE-754: Improper Check for Unusual or Exceptional Conditions

CWE-345: Insufficient Verification of Data Authenticity

CWE-325: Missing Cryptographic Step

CWE-404: Improper Resource Shutdown or Release

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-1333: Inefficient Regular Expression Complexity

CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

CWE-476: NULL Pointer Dereference

CWE-400: Uncontrolled Resource Consumption

CWE-770: Allocation of Resources Without Limits or Throttling

CWE-918: Server-Side Request Forgery (SSRF)

CWE-787: Out-of-bounds Write

CWE-122: Heap-based Buffer Overflow

CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVE-2022-23305

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Affected products

Known affected 27 products

CVE-2023-0401

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-476 - NULL Pointer Dereference

Affected products

Known affected 13 products

Product	Identifier	Version
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0::::enterprise:::`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:6.4.0.0.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:6.4.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_presentation_services___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_service_administration_ui___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___6.4.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_presentation_services___6.4.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___7.0.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_presentation_services___7.0.0.0.0:::::::*`	—

CVE-2023-5678

CWE-754 - Improper Check for Unusual or Exceptional Conditions

Affected products

Known affected 9 products

Product	Identifier	Version
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0::::enterprise:::`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:::::::*`	—

CVE-2023-35116

7.1 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Known affected 10 products

Product	Identifier	Version
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:::::::*`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:6.4.0.0.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:6.4.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:::::::*`	—

CVE-2023-38545

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-122 - Heap-based Buffer Overflow

Affected products

Known affected 9 products

Product	Identifier	Version
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:6.4.0.0.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:6.4.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:::::::*`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0::::enterprise:::`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	—

CVE-2024-21195

7.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

Affected products

Known affected 3 products

Product	Identifier	Version
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	—

CVE-2024-21254

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Known affected 3 products

Product	Identifier	Version
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	—

CVE-2024-26308

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Known affected 8 products

Product	Identifier	Version
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:::::::*`	—

CVE-2024-29133

7.3 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE-787 - Out-of-bounds Write

Affected products

Known affected 6 products

Product	Identifier	Version
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:::::::*`	—

CVE-2024-29736

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-918 - Server-Side Request Forgery (SSRF)

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	—

CVE-2024-38809

8.0 (High)


                        
                          CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CWE-1333 - Inefficient Regular Expression Complexity

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	—

CVE-2024-38999

10.0 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Affected products

Known affected 3 products

Product	Identifier	Version
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0::::enterprise:::`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2024-39689

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-345 - Insufficient Verification of Data Authenticity

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0::::enterprise:::`	—

References

14 references

URL	Category
https://www.oracle.com/security-alerts/cpuoct2024.html	external
https://api.ncsc.nl/velma/v1/vulnerabilities/2022…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Oracle heeft kwetsbaarheden verholpen in Analytics producten.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service\n- Manipuleren van data\n- Uitvoer van willekeurige code (Gebruikersrechten)\n- Uitvoer van willekeurige code (Administratorrechten)\n- Toegang tot gevoelige gegevens",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Unchecked Input for Loop Condition",
        "title": "CWE-606"
      },
      {
        "category": "general",
        "text": "Improper Check for Unusual or Exceptional Conditions",
        "title": "CWE-754"
      },
      {
        "category": "general",
        "text": "Insufficient Verification of Data Authenticity",
        "title": "CWE-345"
      },
      {
        "category": "general",
        "text": "Missing Cryptographic Step",
        "title": "CWE-325"
      },
      {
        "category": "general",
        "text": "Improper Resource Shutdown or Release",
        "title": "CWE-404"
      },
      {
        "category": "general",
        "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
        "title": "CWE-119"
      },
      {
        "category": "general",
        "text": "Inefficient Regular Expression Complexity",
        "title": "CWE-1333"
      },
      {
        "category": "general",
        "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
        "title": "CWE-1321"
      },
      {
        "category": "general",
        "text": "NULL Pointer Dereference",
        "title": "CWE-476"
      },
      {
        "category": "general",
        "text": "Uncontrolled Resource Consumption",
        "title": "CWE-400"
      },
      {
        "category": "general",
        "text": "Allocation of Resources Without Limits or Throttling",
        "title": "CWE-770"
      },
      {
        "category": "general",
        "text": "Server-Side Request Forgery (SSRF)",
        "title": "CWE-918"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Write",
        "title": "CWE-787"
      },
      {
        "category": "general",
        "text": "Heap-based Buffer Overflow",
        "title": "CWE-122"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
        "title": "CWE-89"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference - cveprojectv5; hkcert; nvd; oracle; redhat",
        "url": "https://www.oracle.com/security-alerts/cpuoct2024.html"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Oracle Analytics",
    "tracking": {
      "current_release_date": "2024-10-17T13:19:50.583299Z",
      "id": "NCSC-2024-0418",
      "initial_release_date": "2024-10-17T13:19:50.583299Z",
      "revision_history": [
        {
          "date": "2024-10-17T13:19:50.583299Z",
          "number": "0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-1503573",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-765388",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___5.9.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-764727",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___6.4.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-764729",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___7.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-765383",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-765385",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-765389",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___5.9.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-764725",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_presentation_services___12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-764728",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_presentation_services___6.4.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-764730",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_presentation_services___7.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-764726",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_service_administration_ui___12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-765386",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_storage_service_integration___12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-765384",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-764234",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-765387",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:5.5.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-764929",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:5.9.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-764778",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:5.9.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-764930",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:6.4.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-764235",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:6.4.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-764236",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-1503574",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence",
            "product": {
              "name": "business_intelligence",
              "product_id": "CSAFPID-376906",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence:12.2.1.3.0:*:*:*:*:enterprise:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence",
            "product": {
              "name": "business_intelligence",
              "product_id": "CSAFPID-135812",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence:12.2.1.3.0:*:*:*:enterprise:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence",
            "product": {
              "name": "business_intelligence",
              "product_id": "CSAFPID-220360",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:*:enterprise:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence",
            "product": {
              "name": "business_intelligence",
              "product_id": "CSAFPID-135810",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence",
            "product": {
              "name": "business_intelligence",
              "product_id": "CSAFPID-179569",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence:5.9.0.0.0:*:*:*:enterprise:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence",
            "product": {
              "name": "business_intelligence",
              "product_id": "CSAFPID-257324",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence",
            "product": {
              "name": "business_intelligence",
              "product_id": "CSAFPID-1650736",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0:*:*:*:enterprise:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "bi_publisher",
            "product": {
              "name": "bi_publisher",
              "product_id": "CSAFPID-9197",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:bi_publisher:12.2.1.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "bi_publisher",
            "product": {
              "name": "bi_publisher",
              "product_id": "CSAFPID-9493",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "bi_publisher",
            "product": {
              "name": "bi_publisher",
              "product_id": "CSAFPID-220546",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:bi_publisher:5.9.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "bi_publisher",
            "product": {
              "name": "bi_publisher",
              "product_id": "CSAFPID-228391",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:bi_publisher:5.9.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "bi_publisher",
            "product": {
              "name": "bi_publisher",
              "product_id": "CSAFPID-220545",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:bi_publisher:6.4.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "bi_publisher",
            "product": {
              "name": "bi_publisher",
              "product_id": "CSAFPID-220560",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "bi_publisher",
            "product": {
              "name": "bi_publisher",
              "product_id": "CSAFPID-1673195",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "oracle"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-23305",
      "cwe": {
        "id": "CWE-89",
        "name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
          "title": "CWE-89"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-135810",
          "CSAFPID-220545",
          "CSAFPID-220560",
          "CSAFPID-764725",
          "CSAFPID-764726",
          "CSAFPID-764234",
          "CSAFPID-764727",
          "CSAFPID-764728",
          "CSAFPID-764235",
          "CSAFPID-764729",
          "CSAFPID-764730",
          "CSAFPID-764236",
          "CSAFPID-9493",
          "CSAFPID-764778",
          "CSAFPID-228391",
          "CSAFPID-220546",
          "CSAFPID-9197",
          "CSAFPID-764929",
          "CSAFPID-764930",
          "CSAFPID-765383",
          "CSAFPID-765384",
          "CSAFPID-765385",
          "CSAFPID-765386",
          "CSAFPID-765387",
          "CSAFPID-765388",
          "CSAFPID-765389",
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-23305",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-23305.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-135810",
            "CSAFPID-220545",
            "CSAFPID-220560",
            "CSAFPID-764725",
            "CSAFPID-764726",
            "CSAFPID-764234",
            "CSAFPID-764727",
            "CSAFPID-764728",
            "CSAFPID-764235",
            "CSAFPID-764729",
            "CSAFPID-764730",
            "CSAFPID-764236",
            "CSAFPID-9493",
            "CSAFPID-764778",
            "CSAFPID-228391",
            "CSAFPID-220546",
            "CSAFPID-9197",
            "CSAFPID-764929",
            "CSAFPID-764930",
            "CSAFPID-765383",
            "CSAFPID-765384",
            "CSAFPID-765385",
            "CSAFPID-765386",
            "CSAFPID-765387",
            "CSAFPID-765388",
            "CSAFPID-765389",
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2022-23305"
    },
    {
      "cve": "CVE-2023-0401",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1650736",
          "CSAFPID-135810",
          "CSAFPID-220545",
          "CSAFPID-220560",
          "CSAFPID-764234",
          "CSAFPID-764235",
          "CSAFPID-764236",
          "CSAFPID-764725",
          "CSAFPID-764726",
          "CSAFPID-764727",
          "CSAFPID-764728",
          "CSAFPID-764729",
          "CSAFPID-764730"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-0401",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-0401.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1650736",
            "CSAFPID-135810",
            "CSAFPID-220545",
            "CSAFPID-220560",
            "CSAFPID-764234",
            "CSAFPID-764235",
            "CSAFPID-764236",
            "CSAFPID-764725",
            "CSAFPID-764726",
            "CSAFPID-764727",
            "CSAFPID-764728",
            "CSAFPID-764729",
            "CSAFPID-764730"
          ]
        }
      ],
      "title": "CVE-2023-0401"
    },
    {
      "cve": "CVE-2023-5678",
      "cwe": {
        "id": "CWE-754",
        "name": "Improper Check for Unusual or Exceptional Conditions"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Check for Unusual or Exceptional Conditions",
          "title": "CWE-754"
        },
        {
          "category": "other",
          "text": "Missing Cryptographic Step",
          "title": "CWE-325"
        },
        {
          "category": "other",
          "text": "Unchecked Input for Loop Condition",
          "title": "CWE-606"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1650736",
          "CSAFPID-257324",
          "CSAFPID-9493",
          "CSAFPID-220560",
          "CSAFPID-764234",
          "CSAFPID-764236",
          "CSAFPID-1503573",
          "CSAFPID-765385",
          "CSAFPID-1503574"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-5678",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5678.json"
        }
      ],
      "title": "CVE-2023-5678"
    },
    {
      "cve": "CVE-2023-35116",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9493",
          "CSAFPID-257324",
          "CSAFPID-220545",
          "CSAFPID-220560",
          "CSAFPID-764234",
          "CSAFPID-764235",
          "CSAFPID-764236",
          "CSAFPID-1503573",
          "CSAFPID-765385",
          "CSAFPID-1503574"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-35116",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-35116.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9493",
            "CSAFPID-257324",
            "CSAFPID-220545",
            "CSAFPID-220560",
            "CSAFPID-764234",
            "CSAFPID-764235",
            "CSAFPID-764236",
            "CSAFPID-1503573",
            "CSAFPID-765385",
            "CSAFPID-1503574"
          ]
        }
      ],
      "title": "CVE-2023-35116"
    },
    {
      "cve": "CVE-2023-38545",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        },
        {
          "category": "other",
          "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
          "title": "CWE-119"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9493",
          "CSAFPID-220545",
          "CSAFPID-220560",
          "CSAFPID-764234",
          "CSAFPID-764235",
          "CSAFPID-764236",
          "CSAFPID-1650736",
          "CSAFPID-257324",
          "CSAFPID-135810"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-38545",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-38545.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9493",
            "CSAFPID-220545",
            "CSAFPID-220560",
            "CSAFPID-764234",
            "CSAFPID-764235",
            "CSAFPID-764236",
            "CSAFPID-1650736",
            "CSAFPID-257324",
            "CSAFPID-135810"
          ]
        }
      ],
      "title": "CVE-2023-38545"
    },
    {
      "cve": "CVE-2024-21195",
      "product_status": {
        "known_affected": [
          "CSAFPID-9493",
          "CSAFPID-1673195",
          "CSAFPID-220560"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-21195",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21195.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9493",
            "CSAFPID-1673195",
            "CSAFPID-220560"
          ]
        }
      ],
      "title": "CVE-2024-21195"
    },
    {
      "cve": "CVE-2024-21254",
      "product_status": {
        "known_affected": [
          "CSAFPID-9493",
          "CSAFPID-220560",
          "CSAFPID-1673195"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-21254",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21254.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9493",
            "CSAFPID-220560",
            "CSAFPID-1673195"
          ]
        }
      ],
      "title": "CVE-2024-21254"
    },
    {
      "cve": "CVE-2024-26308",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-257324",
          "CSAFPID-9493",
          "CSAFPID-220560",
          "CSAFPID-764234",
          "CSAFPID-764236",
          "CSAFPID-1503573",
          "CSAFPID-765385",
          "CSAFPID-1503574"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-26308",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26308.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-257324",
            "CSAFPID-9493",
            "CSAFPID-220560",
            "CSAFPID-764234",
            "CSAFPID-764236",
            "CSAFPID-1503573",
            "CSAFPID-765385",
            "CSAFPID-1503574"
          ]
        }
      ],
      "title": "CVE-2024-26308"
    },
    {
      "cve": "CVE-2024-29133",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-257324",
          "CSAFPID-1503573",
          "CSAFPID-765385",
          "CSAFPID-764234",
          "CSAFPID-764236",
          "CSAFPID-1503574"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-29133",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29133.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-257324",
            "CSAFPID-1503573",
            "CSAFPID-765385",
            "CSAFPID-764234",
            "CSAFPID-764236",
            "CSAFPID-1503574"
          ]
        }
      ],
      "title": "CVE-2024-29133"
    },
    {
      "cve": "CVE-2024-29736",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Server-Side Request Forgery (SSRF)",
          "title": "CWE-918"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-220560",
          "CSAFPID-1673195"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-29736",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29736.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-220560",
            "CSAFPID-1673195"
          ]
        }
      ],
      "title": "CVE-2024-29736"
    },
    {
      "cve": "CVE-2024-38809",
      "cwe": {
        "id": "CWE-1333",
        "name": "Inefficient Regular Expression Complexity"
      },
      "notes": [
        {
          "category": "other",
          "text": "Inefficient Regular Expression Complexity",
          "title": "CWE-1333"
        },
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-220560",
          "CSAFPID-1673195"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38809",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38809.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-220560",
            "CSAFPID-1673195"
          ]
        }
      ],
      "title": "CVE-2024-38809"
    },
    {
      "cve": "CVE-2024-38999",
      "cwe": {
        "id": "CWE-1321",
        "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
          "title": "CWE-1321"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-135810",
          "CSAFPID-1650736",
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38999",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38999.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 10.0,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-135810",
            "CSAFPID-1650736",
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2024-38999"
    },
    {
      "cve": "CVE-2024-39689",
      "cwe": {
        "id": "CWE-345",
        "name": "Insufficient Verification of Data Authenticity"
      },
      "notes": [
        {
          "category": "other",
          "text": "Insufficient Verification of Data Authenticity",
          "title": "CWE-345"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1650736"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-39689",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39689.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1650736"
          ]
        }
      ],
      "title": "CVE-2024-39689"
    }
  ]
}

NCSC-2025-0021

Vulnerability from csaf_ncscnl - Published: 2025-01-22 13:30 - Updated: 2025-01-22 13:30

Summary

Kwetsbaarheden verholpen in Oracle Communications

Notes

Feiten: Oracle heeft meerdere kwetsbaarheden verholpen in zijn Communicatieproducten, waaronder Oracle Communications Unified Assurance, Oracle Communications Cloud Native Core Network Function en Oracle Communications Order and Service Management.

Interpretaties: De kwetsbaarheden stellen ongeauthenticeerde kwaadwillenden in staat om Denial of Service (DoS) aanvallen uit te voeren of om ongeautoriseerde toegang tot gevoelige gegevens te verkrijgen. Specifieke versies, zoals 24.2.0 en 24.3.0 van de Cloud Native Core Network Function, zijn bijzonder kwetsbaar. Kwaadwillenden kunnen deze kwetsbaarheden misbruiken door speciaal geprepareerde HTTP-verzoeken te sturen naar het kwetsbare systeem.

Oplossingen: Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans: medium

Schade: high

CWE-1395: Dependency on Vulnerable Third-Party Component

CWE-670: Always-Incorrect Control Flow Implementation

CWE-405: Asymmetric Resource Consumption (Amplification)

CWE-35: Path Traversal: '.../...//'

CWE-466: Return of Pointer Value Outside of Expected Range

CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

CWE-676: Use of Potentially Dangerous Function

CWE-606: Unchecked Input for Loop Condition

CWE-450: Multiple Interpretations of UI Input

CWE-131: Incorrect Calculation of Buffer Size

CWE-328: Use of Weak Hash

CWE-130: Improper Handling of Length Parameter Inconsistency

CWE-669: Incorrect Resource Transfer Between Spheres

CWE-1220: Insufficient Granularity of Access Control

CWE-201: Insertion of Sensitive Information Into Sent Data

CWE-349: Acceptance of Extraneous Untrusted Data With Trusted Data

CWE-755: Improper Handling of Exceptional Conditions

CWE-347: Improper Verification of Cryptographic Signature

CWE-834: Excessive Iteration

CWE-178: Improper Handling of Case Sensitivity

CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition

CWE-440: Expected Behavior Violation

CWE-415: Double Free

CWE-311: Missing Encryption of Sensitive Data

CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel

CWE-754: Improper Check for Unusual or Exceptional Conditions

CWE-703: Improper Check or Handling of Exceptional Conditions

CWE-617: Reachable Assertion

CWE-427: Uncontrolled Search Path Element

CWE-836: Use of Password Hash Instead of Password for Authentication

CWE-680: Integer Overflow to Buffer Overflow

CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')

CWE-23: Relative Path Traversal

CWE-116: Improper Encoding or Escaping of Output

CWE-345: Insufficient Verification of Data Authenticity

CWE-203: Observable Discrepancy

CWE-354: Improper Validation of Integrity Check Value

CWE-325: Missing Cryptographic Step

CWE-190: Integer Overflow or Wraparound

CWE-451: User Interface (UI) Misrepresentation of Critical Information

CWE-61: UNIX Symbolic Link (Symlink) Following

CWE-552: Files or Directories Accessible to External Parties

CWE-639: Authorization Bypass Through User-Controlled Key

CWE-798: Use of Hard-coded Credentials

CWE-434: Unrestricted Upload of File with Dangerous Type

CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CWE-404: Improper Resource Shutdown or Release

CWE-284: Improper Access Control

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-1333: Inefficient Regular Expression Complexity

CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

CWE-416: Use After Free

CWE-476: NULL Pointer Dereference

CWE-327: Use of a Broken or Risky Cryptographic Algorithm

CWE-400: Uncontrolled Resource Consumption

CWE-770: Allocation of Resources Without Limits or Throttling

CWE-502: Deserialization of Untrusted Data

CWE-248: Uncaught Exception

CWE-674: Uncontrolled Recursion

CWE-863: Incorrect Authorization

CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-611: Improper Restriction of XML External Entity Reference

CWE-787: Out-of-bounds Write

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CWE-122: Heap-based Buffer Overflow

CWE-121: Stack-based Buffer Overflow

CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')

CWE-269: Improper Privilege Management

CWE-20: Improper Input Validation

CWE-209: Generation of Error Message Containing Sensitive Information

CWE-276: Incorrect Default Permissions

CWE-294: Authentication Bypass by Capture-replay

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2022-41727

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.5:::::::*`	—

CVE-2023-4408

CWE-400 - Uncontrolled Resource Consumption

CVE-2023-5678

CWE-754 - Improper Check for Unusual or Exceptional Conditions

Affected products

Known affected 97 products

CVE-2023-5981

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-203 - Observable Discrepancy

Affected products

Known affected 61 products

CVE-2023-6597

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N

CWE-61 - UNIX Symbolic Link (Symlink) Following

Affected products

Known affected 95 products

Product	Identifier	Version
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.6:::::::*`	—
communications_cloud_native_core_dbtier oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.2.0:::::::*`	—
communications_cloud_native_core_dbtier oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.1.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function::::::::`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.1:::::::*`	—
communications_cloud_native_core_network_data_analytics_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.2.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.3:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.2:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy::::::::`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.1:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.2:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router::::::::`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.4:::::::*`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.5:::::::*`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager::::::::`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.1:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.2:::::::*`	—
communications_performance_intelligence oracle	`cpe:2.3:a:oracle:communications_performance_intelligence:10.5:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:12.6.1.0.0:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.1.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager::::::::`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.3:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.4:::::::*`	—
communications_asap oracle	`cpe:2.3:a:oracle:communications_asap:7.4:::::::*`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine::::::::`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.0.0:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management::::::::`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.1.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller::::::::`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:15.0.0.0.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control::::::::`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.0.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:::::::*`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center::::::::`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center:15.0.0.0.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design::::::::`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance::::::::`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0.0.0.0:::::::*`	—

CVE-2023-7256

4.4 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

CWE-415 - Double Free

Affected products

Known affected 3 products

Product	Identifier	Version
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.1:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.2:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.2:::::::*`	—

CVE-2023-29407

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CWE-834 - Excessive Iteration

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.5:::::::*`	—

CVE-2023-29408

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Known affected 14 products

Product	Identifier	Version
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.5:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.2.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.26:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.0.0.3:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.1.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.5.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.2:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.3.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications::::::::`	—

CVE-2023-40577

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.2.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.3.0:::::::*`	—

CVE-2023-46218

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CWE-201 - Insertion of Sensitive Information Into Sent Data

Affected products

Known affected 98 products

CVE-2023-46219

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-311 - Missing Encryption of Sensitive Data

Affected products

Known affected 98 products

CVE-2023-46604

10.0 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H

CWE-502 - Deserialization of Untrusted Data

Affected products

Known affected 115 products

CVE-2023-50868

CWE-400 - Uncontrolled Resource Consumption

CVE-2024-0232

CWE-416 - Use After Free

Affected products

Known affected 75 products

CVE-2024-0397

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Known affected 60 products

CVE-2024-0450

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-450 - Multiple Interpretations of UI Input

Affected products

Known affected 107 products

Product	Identifier	Version
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:10.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications___23.4.3 oracle	`cpe:2.3:a:oracle:communications___23.4.3::::::::`	—
communications___23.4.4 oracle	`cpe:2.3:a:oracle:communications___23.4.4::::::::`	—
communications___8.6.0.6 oracle	`cpe:2.3:a:oracle:communications___8.6.0.6::::::::`	—
communications___8.6.0.8 oracle	`cpe:2.3:a:oracle:communications___8.6.0.8::::::::`	—
communications___9.0.3 oracle	`cpe:2.3:a:oracle:communications___9.0.3::::::::`	—
communications_cloud_native_core_dbtier oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.2.0:::::::*`	—
communications_cloud_native_core_dbtier oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function::::::::`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.1:::::::*`	—
communications_cloud_native_core_network_data_analytics_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.2.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.3:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.2:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy::::::::`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.1:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.2:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router::::::::`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.4:::::::*`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.5:::::::*`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager::::::::`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.1:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.2:::::::*`	—
communications_performance_intelligence oracle	`cpe:2.3:a:oracle:communications_performance_intelligence:10.5:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:12.6.1.0.0:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.1.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager::::::::`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.3:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.4:::::::*`	—
communications_asap oracle	`cpe:2.3:a:oracle:communications_asap:7.4:::::::*`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine::::::::`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.0.0:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management::::::::`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.1.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller::::::::`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:15.0.0.0.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control::::::::`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.0.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:::::::*`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center::::::::`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center:15.0.0.0.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design::::::::`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance::::::::`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications::::::::`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0.0.0.0:::::::*`	—

CVE-2024-1442

6.0 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L

CWE-269 - Improper Privilege Management

Affected products

Known affected 14 products

Product	Identifier	Version
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.5:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.2.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.26:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.0.0.3:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.1.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.5.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.2:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.3.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications::::::::`	—

CVE-2024-2961

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-787 - Out-of-bounds Write

Affected products

Known affected 93 products

Product	Identifier	Version
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:10.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications___23.4.3 oracle	`cpe:2.3:a:oracle:communications___23.4.3::::::::`	—
communications___23.4.4 oracle	`cpe:2.3:a:oracle:communications___23.4.4::::::::`	—
communications___8.6.0.6 oracle	`cpe:2.3:a:oracle:communications___8.6.0.6::::::::`	—
communications___8.6.0.8 oracle	`cpe:2.3:a:oracle:communications___8.6.0.8::::::::`	—
communications___9.0.3 oracle	`cpe:2.3:a:oracle:communications___9.0.3::::::::`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.1.0:::::::*`	—
communications_core_session_manager oracle	`cpe:2.3:a:oracle:communications_core_session_manager:9.1.5:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.2.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.5:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.6:::::::*`	—
communications_cloud_native_core_network_slice_selection_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:24.2.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function::::::::`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.1:::::::*`	—
communications_cloud_native_core_network_data_analytics_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.2.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.3:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.2:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy::::::::`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.1:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.2:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router::::::::`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.4:::::::*`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.5:::::::*`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager::::::::`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.1:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.2:::::::*`	—
communications_performance_intelligence oracle	`cpe:2.3:a:oracle:communications_performance_intelligence:10.5:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:12.6.1.0.0:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.1.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager::::::::`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.3:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.4:::::::*`	—
communications_asap oracle	`cpe:2.3:a:oracle:communications_asap:7.4:::::::*`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine::::::::`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.0.0:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management::::::::`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.1.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller::::::::`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:15.0.0.0.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control::::::::`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.0.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:::::::*`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center::::::::`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center:15.0.0.0.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design::::::::`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance::::::::`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications::::::::`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0.0.0.0:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0.0.0.0-9.0.2.0.0:::::::*`	—

CVE-2024-3596

9.0 (Critical)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE-924 - Improper Enforcement of Message Integrity During Transmission in a Communication Channel

Affected products

Known affected 4 products

Product	Identifier	Version
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:24.2.1:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.2:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.1:::::::*`	—
communications_cloud_native_core_certificate_management oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:24.2.1:::::::*`	—

CVE-2024-4030

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-276 - Incorrect Default Permissions

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.5:::::::*`	—

CVE-2024-4032

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-440 - Expected Behavior Violation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.5:::::::*`	—

CVE-2024-5535

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:24.2.1:::::::*`	—
communications_cloud_native_core_certificate_management oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:24.2.1:::::::*`	—

CVE-2024-6119

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.3.0:::::::*`	—

CVE-2024-6162

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-404 - Improper Resource Shutdown or Release

Affected products

Known affected 123 products

Product	Identifier	Version
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:10.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications___23.4.3 oracle	`cpe:2.3:a:oracle:communications___23.4.3::::::::`	—
communications___23.4.4 oracle	`cpe:2.3:a:oracle:communications___23.4.4::::::::`	—
communications___8.6.0.6 oracle	`cpe:2.3:a:oracle:communications___8.6.0.6::::::::`	—
communications___8.6.0.8 oracle	`cpe:2.3:a:oracle:communications___8.6.0.8::::::::`	—
communications___9.0.3 oracle	`cpe:2.3:a:oracle:communications___9.0.3::::::::`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.3:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.4:::::::*`	—
communications_cloud_native_core_certificate_management oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:23.4.2:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function::::::::`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.1:::::::*`	—
communications_cloud_native_core_network_data_analytics_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.2.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.3:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.2:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy::::::::`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.1:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.2:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router::::::::`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.4:::::::*`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.5:::::::*`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager::::::::`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.1:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.2:::::::*`	—
communications_performance_intelligence oracle	`cpe:2.3:a:oracle:communications_performance_intelligence:10.5:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:12.6.1.0.0:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.1.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager::::::::`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.3:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.4:::::::*`	—
communications_asap oracle	`cpe:2.3:a:oracle:communications_asap:7.4:::::::*`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine::::::::`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.0.0:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management::::::::`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.1.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller::::::::`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:15.0.0.0.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control::::::::`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.0.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:::::::*`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center::::::::`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center:15.0.0.0.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design::::::::`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance::::::::`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications::::::::`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.1.0:::::::*`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.4-12.0.0.8:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.2.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.26:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.0.0.3:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.1.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.5.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.2:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.3.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications::::::::`	—

CVE-2024-6232

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-1333 - Inefficient Regular Expression Complexity

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.5:::::::*`	—

CVE-2024-7254

8.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

CWE-20 - Improper Input Validation

Affected products

Known affected 53 products

Product	Identifier	Version
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.2.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_certificate_management oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:23.4.3:::::::*`	—
communications_cloud_native_core_certificate_management oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:24.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:24.2.0-24.2.2:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0.3:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.5:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.1.0.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.2.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.26:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.0.0.3:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.1.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.5.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.2:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.3.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications::::::::`	—

CVE-2024-7592

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 14 products

Product	Identifier	Version
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.5:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.2.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.26:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.0.0.3:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.1.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.5.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.2:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.3.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications::::::::`	—

CVE-2024-7885

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Known affected 13 products

Product	Identifier	Version
communications_cloud_native_core_certificate_management oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:23.4.2:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.3:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:24.2.1:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:24.2.1:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:24.2.0-24.2.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.2.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.3.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.1:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.2:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:24.2.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:24.2.2:::::::*`	—

CVE-2024-8006

4.4 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

CWE-476 - NULL Pointer Dereference

Affected products

Known affected 3 products

Product	Identifier	Version
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.1:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.2:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.2:::::::*`	—

CVE-2024-9143

CWE-787 - Out-of-bounds Write

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
communications_cloud_native_core_certificate_management oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:24.2.1:::::::*`	—

CVE-2024-22195

6.1 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected products

Known affected 58 products

CVE-2024-24786

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Affected products

Known affected 14 products

Product	Identifier	Version
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.5:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.2.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.26:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.0.0.3:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.1.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.5.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.2:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.3.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications::::::::`	—

CVE-2024-24791

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-404 - Improper Resource Shutdown or Release

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.2.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.3.0:::::::*`	—

CVE-2024-25638

8.9 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L

CWE-345 - Insufficient Verification of Data Authenticity

Affected products

Known affected 43 products

Product	Identifier	Version
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.2.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:24.2.0-24.2.2:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:24.2.1:::::::*`	—
communications_converged_application_server oracle	`cpe:2.3:a:oracle:communications_converged_application_server:8.0:::::::*`	—
communications_converged_application_server oracle	`cpe:2.3:a:oracle:communications_converged_application_server:8.1:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.1:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.2:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:24.2.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:24.2.2:::::::*`	—

CVE-2024-25710

8.1 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Affected products

Known affected 126 products

CVE-2024-26308

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Known affected 171 products

Product	Identifier	Version
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:10.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications___23.4.3 oracle	`cpe:2.3:a:oracle:communications___23.4.3::::::::`	—
communications___23.4.4 oracle	`cpe:2.3:a:oracle:communications___23.4.4::::::::`	—
communications___8.6.0.6 oracle	`cpe:2.3:a:oracle:communications___8.6.0.6::::::::`	—
communications___8.6.0.8 oracle	`cpe:2.3:a:oracle:communications___8.6.0.8::::::::`	—
communications___9.0.3 oracle	`cpe:2.3:a:oracle:communications___9.0.3::::::::`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.2:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:24.2.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.3.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.3.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.7.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:22.4.0:::::::*`	—
communications___9.0.2 oracle	`cpe:2.3:a:oracle:communications___9.0.2::::::::`	—
communications___7.2.1.0.0 oracle	`cpe:2.3:a:oracle:communications___7.2.1.0.0::::::::`	—
communications___23.4.2 oracle	`cpe:2.3:a:oracle:communications___23.4.2::::::::`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.1.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.0:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:::::::*`	—
communications_network_integrity oracle	`cpe:2.3:a:oracle:communications_network_integrity:7.3.6.4:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.1:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.1.0:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager::::::::`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.2.0:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0.0.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.3.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function::::::::`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy::::::::`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager::::::::`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine::::::::`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management::::::::`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management::::::::`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.4.0:::::::*`	—
communications_offline_mediation_controller oracle	`cpe:2.3:a:oracle:communications_offline_mediation_controller::::::::`	—
communications_cloud_native_core_network_slice_selection_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.2.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.3.1:::::::*`	—
communications_fraud_monitor oracle	`cpe:2.3:a:oracle:communications_fraud_monitor:5.0:::::::*`	—
communications_fraud_monitor oracle	`cpe:2.3:a:oracle:communications_fraud_monitor:5.1:::::::*`	—
communications_cloud_native_core_network_data_analytics_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.1.0:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.1:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.1:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.2.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.2:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:14.0.0.0.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.3.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_install_upgrade___23.3.1:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_install_upgrade___23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_installation___23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_obserability_services_overlay___23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_observability_services_overlay___23.4.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:_install_upgrade___23.4.1:::::::*`	—
communications_cloud_native_core_network_slice_selection_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.3.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:_automated_test_suite___23.3.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.2.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.3.2:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:_patches___9.0.0.0:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:_platform___9.0.0.0:::::::*`	—
communications_fraud_monitor oracle	`cpe:2.3:a:oracle:communications_fraud_monitor:5.2:::::::*`	—
communications_webrtc_session_controller oracle	`cpe:2.3:a:oracle:communications_webrtc_session_controller::::::::`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.0.0:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.1:::::::*`	—
communications_cloud_native_core_network_data_analytics_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.2.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.3:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.2:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.1:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.2:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router::::::::`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.4:::::::*`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.5:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:::::::*`	—
communications_performance_intelligence oracle	`cpe:2.3:a:oracle:communications_performance_intelligence:10.5:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:12.6.1.0.0:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.1.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.3:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.4:::::::*`	—
communications_asap oracle	`cpe:2.3:a:oracle:communications_asap:7.4:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.1.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller::::::::`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:15.0.0.0.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control::::::::`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.0.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:::::::*`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center::::::::`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center:15.0.0.0.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design::::::::`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications::::::::`	—
communications_messaging_server oracle	`cpe:2.3:a:oracle:communications_messaging_server:8.1.0.26:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.2.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.26:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.0.0.3:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.1.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.5.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.2:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.3.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications::::::::`	—

CVE-2024-27309

7.4 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-284 - Improper Access Control

Affected products

Known affected 15 products

Product	Identifier	Version
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0.3:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.1.0.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.2.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.26:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.0.0.3:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.1.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.5.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.2:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.3.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications::::::::`	—

CVE-2024-28219

7.3 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Known affected 6 products

Product	Identifier	Version
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:24.2.1:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:24.2.0-24.2.2:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.1:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.2:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:24.2.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:::::::*`	—

CVE-2024-28834

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Known affected 3 products

Product	Identifier	Version
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:14.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:::::::*`	—

CVE-2024-28835

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE-248 - Uncaught Exception

Affected products

Known affected 3 products

Product	Identifier	Version
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:14.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:::::::*`	—

CVE-2024-28849

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Known affected 119 products

Product	Identifier	Version
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:10.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications___23.4.3 oracle	`cpe:2.3:a:oracle:communications___23.4.3::::::::`	—
communications___23.4.4 oracle	`cpe:2.3:a:oracle:communications___23.4.4::::::::`	—
communications___8.6.0.6 oracle	`cpe:2.3:a:oracle:communications___8.6.0.6::::::::`	—
communications___8.6.0.8 oracle	`cpe:2.3:a:oracle:communications___8.6.0.8::::::::`	—
communications___9.0.3 oracle	`cpe:2.3:a:oracle:communications___9.0.3::::::::`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function::::::::`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.1:::::::*`	—
communications_cloud_native_core_network_data_analytics_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.2.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.3:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.2:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy::::::::`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.1:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.2:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router::::::::`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.4:::::::*`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.5:::::::*`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager::::::::`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.1:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.2:::::::*`	—
communications_performance_intelligence oracle	`cpe:2.3:a:oracle:communications_performance_intelligence:10.5:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:12.6.1.0.0:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.1.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager::::::::`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.3:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.4:::::::*`	—
communications_asap oracle	`cpe:2.3:a:oracle:communications_asap:7.4:::::::*`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine::::::::`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.0.0:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management::::::::`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.1.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller::::::::`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:15.0.0.0.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control::::::::`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.0.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:::::::*`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center::::::::`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center:15.0.0.0.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design::::::::`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance::::::::`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications::::::::`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:6.0.1-6.0.5:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.2.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.26:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.0.0.3:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.1.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.5.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.2:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.3.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications::::::::`	—

CVE-2024-29025

7.3 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Known affected 125 products

Product	Identifier	Version
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:10.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications___23.4.3 oracle	`cpe:2.3:a:oracle:communications___23.4.3::::::::`	—
communications___23.4.4 oracle	`cpe:2.3:a:oracle:communications___23.4.4::::::::`	—
communications___8.6.0.6 oracle	`cpe:2.3:a:oracle:communications___8.6.0.6::::::::`	—
communications___8.6.0.8 oracle	`cpe:2.3:a:oracle:communications___8.6.0.8::::::::`	—
communications___9.0.3 oracle	`cpe:2.3:a:oracle:communications___9.0.3::::::::`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.3:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.4:::::::*`	—
communications_cloud_native_core_network_slice_selection_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:24.2.0:::::::*`	—
communications_cloud_native_core_dbtier oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.2.0:::::::*`	—
communications_cloud_native_core_dbtier oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function::::::::`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.1:::::::*`	—
communications_cloud_native_core_network_data_analytics_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.2.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.3:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.2:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy::::::::`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.1:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.2:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router::::::::`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.4:::::::*`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.5:::::::*`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager::::::::`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.1:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.2:::::::*`	—
communications_performance_intelligence oracle	`cpe:2.3:a:oracle:communications_performance_intelligence:10.5:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:12.6.1.0.0:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.1.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager::::::::`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.3:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.4:::::::*`	—
communications_asap oracle	`cpe:2.3:a:oracle:communications_asap:7.4:::::::*`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine::::::::`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.0.0:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management::::::::`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.1.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller::::::::`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:15.0.0.0.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control::::::::`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.0.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:::::::*`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center::::::::`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center:15.0.0.0.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design::::::::`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance::::::::`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications::::::::`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0.3:::::::*`	—
communications_messaging_server oracle	`cpe:2.3:a:oracle:communications_messaging_server:8.1.0.26:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.1.0.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.2.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.26:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.0.0.3:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.1.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.5.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.2:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.3.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications::::::::`	—

CVE-2024-29131

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-787 - Out-of-bounds Write

Affected products

Known affected 64 products

CVE-2024-29133

7.3 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE-787 - Out-of-bounds Write

Affected products

Known affected 86 products

Product	Identifier	Version
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.4-12.0.0.8:::::::*`	—
communications_order_and_service_management oracle	`cpe:2.3:a:oracle:communications_order_and_service_management:7.4.0:::::::*`	—
communications_order_and_service_management oracle	`cpe:2.3:a:oracle:communications_order_and_service_management:7.4.1:::::::*`	—
communications_order_and_service_management oracle	`cpe:2.3:a:oracle:communications_order_and_service_management:7.5.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.3.0.2:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:6.0.1.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.0.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.5.0:::::::*`	—
communications_applications___6.0.4 oracle	`cpe:2.3:a:oracle:communications_applications___6.0.4::::::::`	—
communications_applications___6.0.5 oracle	`cpe:2.3:a:oracle:communications_applications___6.0.5::::::::`	—
communications_applications___5.5.22 oracle	`cpe:2.3:a:oracle:communications_applications___5.5.22::::::::`	—
communications_applications___12.0.6.0.0 oracle	`cpe:2.3:a:oracle:communications_applications___12.0.6.0.0::::::::`	—
communications_applications___6.0.3 oracle	`cpe:2.3:a:oracle:communications_applications___6.0.3::::::::`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function::::::::`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.1:::::::*`	—
communications_cloud_native_core_network_data_analytics_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.2.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.3:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.2:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy::::::::`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.1:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.2:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router::::::::`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.4:::::::*`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.5:::::::*`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager::::::::`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.1:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.2:::::::*`	—
communications_performance_intelligence oracle	`cpe:2.3:a:oracle:communications_performance_intelligence:10.5:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:12.6.1.0.0:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.1.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager::::::::`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.3:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.4:::::::*`	—
communications_asap oracle	`cpe:2.3:a:oracle:communications_asap:7.4:::::::*`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine::::::::`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.0.0:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management::::::::`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.1.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller::::::::`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:15.0.0.0.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control::::::::`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.0.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:::::::*`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center::::::::`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center:15.0.0.0.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design::::::::`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance::::::::`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.5:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.2.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.26:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.0.0.3:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.1.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.2:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.3.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications::::::::`	—

CVE-2024-33599

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Affected products

Known affected 11 products

Product	Identifier	Version
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.5:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.1.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.6:::::::*`	—
communications_core_session_manager oracle	`cpe:2.3:a:oracle:communications_core_session_manager:9.1.5:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.2.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_network_slice_selection_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:24.2.0:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0.0.0.0-9.0.2.0.0:::::::*`	—

CVE-2024-33600

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

CWE-476 - NULL Pointer Dereference

Affected products

Known affected 11 products

Product	Identifier	Version
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.5:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.1.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.6:::::::*`	—
communications_core_session_manager oracle	`cpe:2.3:a:oracle:communications_core_session_manager:9.1.5:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.2.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_network_slice_selection_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:24.2.0:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0.0.0.0-9.0.2.0.0:::::::*`	—

CVE-2024-33601

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

CWE-703 - Improper Check or Handling of Exceptional Conditions

Affected products

Known affected 11 products

Product	Identifier	Version
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.5:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.1.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.6:::::::*`	—
communications_core_session_manager oracle	`cpe:2.3:a:oracle:communications_core_session_manager:9.1.5:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.2.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_network_slice_selection_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:24.2.0:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0.0.0.0-9.0.2.0.0:::::::*`	—

CVE-2024-33602

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

CWE-466 - Return of Pointer Value Outside of Expected Range

Affected products

Known affected 42 products

Product	Identifier	Version
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.5:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.1.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.6:::::::*`	—
communications_core_session_manager oracle	`cpe:2.3:a:oracle:communications_core_session_manager:9.1.5:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.2.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_network_slice_selection_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:24.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0.0.0.0-9.0.2.0.0:::::::*`	—

CVE-2024-34064

5.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected products

Known affected 97 products

Product	Identifier	Version
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:10.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications___23.4.3 oracle	`cpe:2.3:a:oracle:communications___23.4.3::::::::`	—
communications___23.4.4 oracle	`cpe:2.3:a:oracle:communications___23.4.4::::::::`	—
communications___8.6.0.6 oracle	`cpe:2.3:a:oracle:communications___8.6.0.6::::::::`	—
communications___8.6.0.8 oracle	`cpe:2.3:a:oracle:communications___8.6.0.8::::::::`	—
communications___9.0.3 oracle	`cpe:2.3:a:oracle:communications___9.0.3::::::::`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function::::::::`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.1:::::::*`	—
communications_cloud_native_core_network_data_analytics_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.2.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.3:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.2:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy::::::::`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.1:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.2:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router::::::::`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.4:::::::*`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.5:::::::*`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager::::::::`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.1:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.2:::::::*`	—
communications_performance_intelligence oracle	`cpe:2.3:a:oracle:communications_performance_intelligence:10.5:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:12.6.1.0.0:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.1.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager::::::::`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.3:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.4:::::::*`	—
communications_asap oracle	`cpe:2.3:a:oracle:communications_asap:7.4:::::::*`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine::::::::`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.0.0:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management::::::::`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.1.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller::::::::`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:15.0.0.0.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control::::::::`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.0.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:::::::*`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center::::::::`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center:15.0.0.0.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design::::::::`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance::::::::`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications::::::::`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.4:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:24.2.0-24.2.2:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:24.2.1:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.1:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.2:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.3.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.1.1:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.2.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.3.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:14.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:24.2.0:::::::*`	—

CVE-2024-34750

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-755 - Improper Handling of Exceptional Conditions

Affected products

Known affected 40 products

Product	Identifier	Version
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:14.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.0:::::::*`	—
communications_cloud_native_core_dbtier oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.2.0:::::::*`	—
communications_cloud_native_core_dbtier oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:8.6.0.4.0:::::::*`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:47.0.0.0.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:24.2.1:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:24.2.0-24.2.2:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:24.2.0:::::::*`	—

CVE-2024-35195

5.7 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N

CWE-670 - Always-Incorrect Control Flow Implementation

Affected products

Known affected 25 products

Product	Identifier	Version
communications_cloud_native_core_dbtier oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.3.0:::::::*`	—
communications_offline_mediation_controller oracle	`cpe:2.3:a:oracle:communications_offline_mediation_controller:15.0.0.0:::::::*`	—
communications_offline_mediation_controller oracle	`cpe:2.3:a:oracle:communications_offline_mediation_controller:15.0.1.0:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.5:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.2:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.3.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.2.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.3.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.2:::::::*`	—
communications_offline_mediation_controller oracle	`cpe:2.3:a:oracle:communications_offline_mediation_controller:12.0.0.8:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.2.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.26:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.0.0.3:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.1.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.5.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.2:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.3.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications::::::::`	—

CVE-2024-37370

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

CWE-130 - Improper Handling of Length Parameter Inconsistency

Affected products

Known affected 20 products

CVE-2024-37371

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

CWE-130 - Improper Handling of Length Parameter Inconsistency

Affected products

Known affected 64 products

Product	Identifier	Version
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.4:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.2.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.5:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.6:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.2.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.2:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:24.2.1:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.2:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:24.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0.0.0.0-9.0.2.0.0:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0-15.0.0.1:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:14.0:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.4-12.0.0.8:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.2.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.26:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.0.0.3:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.1.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.5.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.2:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.3.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications::::::::`	—

CVE-2024-37891

4.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

CWE-669 - Incorrect Resource Transfer Between Spheres

Affected products

Known affected 54 products

Product	Identifier	Version
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.6:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:24.2.0-24.2.2:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0-15.0.0.1:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.5:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.4-12.0.0.8:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:15.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:14.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.2.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.26:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.0.0.3:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.1.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.5.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.2:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.3.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications::::::::`	—

CVE-2024-38475

CWE-284 - Improper Access Control

CVE-2024-38807

6.3 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

CWE-347 - Improper Verification of Cryptographic Signature

Affected products

Known affected 16 products

Product	Identifier	Version
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:24.2.1:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0.3:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.1.0.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.2.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.26:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.0.0.3:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.1.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.5.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.2:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.3.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications::::::::`	—

CVE-2024-38809

8.0 (High)


                        
                          CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CWE-1333 - Inefficient Regular Expression Complexity

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.0:::::::*`	—

CVE-2024-38816

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected products

Known affected 41 products

Product	Identifier	Version
communications_cloud_native_core_dbtier oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.2.0:::::::*`	—
communications_cloud_native_core_dbtier oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.1:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:24.2.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.3:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.2:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:24.2.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.3.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:24.2.0-24.2.2:::::::*`	—

CVE-2024-38819

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected products

Known affected 10 products

Product	Identifier	Version
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:24.2.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.3:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.3.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.2:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:24.2.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:24.2.0-24.2.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.2.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.3.0:::::::*`	—

CVE-2024-38820

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-284 - Improper Access Control

Affected products

Known affected 10 products

Product	Identifier	Version
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:24.2.1:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:24.2.0-24.2.2:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.1:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.2:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.3:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.3.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:24.2.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.2.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.3.0:::::::*`	—

CVE-2024-38827

4.8 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

CWE-639 - Authorization Bypass Through User-Controlled Key

Affected products

Known affected 19 products

Product	Identifier	Version
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:24.2.0-24.2.2:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:24.2.1:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:24.2.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.2.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.26:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.0.0.3:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.1.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.5.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.2:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.3.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications::::::::`	—

CVE-2024-38998

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Affected products

Known affected 15 products

CVE-2024-38999

10.0 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Affected products

Known affected 15 products

CVE-2024-41817

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-427 - Uncontrolled Search Path Element

Affected products

Known affected 16 products

Product	Identifier	Version
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:5.5.0-5.5.22:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.4:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.3.0.2:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:6.0.1.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.0.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.5.0:::::::*`	—
communications_applications___6.0.4 oracle	`cpe:2.3:a:oracle:communications_applications___6.0.4::::::::`	—
communications_applications___6.0.5 oracle	`cpe:2.3:a:oracle:communications_applications___6.0.5::::::::`	—
communications_applications___5.5.22 oracle	`cpe:2.3:a:oracle:communications_applications___5.5.22::::::::`	—
communications_applications___12.0.6.0.0 oracle	`cpe:2.3:a:oracle:communications_applications___12.0.6.0.0::::::::`	—
communications_applications___6.0.3 oracle	`cpe:2.3:a:oracle:communications_applications___6.0.3::::::::`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.1:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.2:::::::*`	—

CVE-2024-45490

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Known affected 7 products

Product	Identifier	Version
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:5.5.0-5.5.22:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.0:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.4:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.5:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.5:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.2.0:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:::::::*`	—

CVE-2024-45491

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Known affected 7 products

Product	Identifier	Version
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:5.5.0-5.5.22:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.0:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.4:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.5:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.5:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.2.0:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:::::::*`	—

CVE-2024-45492

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Known affected 50 products

Product	Identifier	Version
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:5.5.0-5.5.22:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.0:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.4:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.5:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.5:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.3.0.2:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:6.0.1.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.0.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.5.0:::::::*`	—
communications_applications___6.0.4 oracle	`cpe:2.3:a:oracle:communications_applications___6.0.4::::::::`	—
communications_applications___6.0.5 oracle	`cpe:2.3:a:oracle:communications_applications___6.0.5::::::::`	—
communications_applications___5.5.22 oracle	`cpe:2.3:a:oracle:communications_applications___5.5.22::::::::`	—
communications_applications___12.0.6.0.0 oracle	`cpe:2.3:a:oracle:communications_applications___12.0.6.0.0::::::::`	—
communications_applications___6.0.3 oracle	`cpe:2.3:a:oracle:communications_applications___6.0.3::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.2.0:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:::::::*`	—

CVE-2024-47535

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 15 products

Product	Identifier	Version
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0.3:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.1.0.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.2.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.26:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.0.0.3:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.1.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.5.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.2:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.3.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications::::::::`	—

CVE-2024-47554

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 19 products

Product	Identifier	Version
communications_convergence oracle	`cpe:2.3:a:oracle:communications_convergence:3.0.2.0.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.1.0.1:::::::*`	—
communications_convergence oracle	`cpe:2.3:a:oracle:communications_convergence:3.0.3.0.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0.3:::::::*`	—
communications_convergence oracle	`cpe:2.3:a:oracle:communications_convergence:3.0.3.3.0:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:6.0.4-6.0.5:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.2.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.26:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.0.0.3:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.1.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.5.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.2:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.3.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications::::::::`	—

CVE-2024-47561

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-502 - Deserialization of Untrusted Data

Affected products

Known affected 14 products

Product	Identifier	Version
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:6.0.4-6.0.5:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.2.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.26:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.0.0.3:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.1.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.5.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.2:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.3.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications::::::::`	—

CVE-2024-47803

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE-209 - Generation of Error Message Containing Sensitive Information

Affected products

Known affected 9 products

Product	Identifier	Version
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:24.2.1:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:24.2.0-24.2.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.2.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:24.2.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.3.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.1:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.2:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:24.2.0:::::::*`	—

CVE-2024-47804

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N

CWE-863 - Incorrect Authorization

Affected products

Known affected 9 products

Product	Identifier	Version
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:24.2.0-24.2.2:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:24.2.1:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.2.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:24.2.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.3.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.1:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.2:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:24.2.0:::::::*`	—

CVE-2024-49766

6.5 (Medium)


                        
                          CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected products

Known affected 3 products

Product	Identifier	Version
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.2.0:::::::*`	—
communications_cloud_native_core_dbtier oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.3.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.3.0:::::::*`	—

CVE-2024-49767

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 11 products

Product	Identifier	Version
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.2.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.3:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:24.2.1:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:24.2.0-24.2.2:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.3.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:24.2.0:::::::*`	—
communications_cloud_native_core_dbtier oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.3.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.3.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:24.2.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:24.2.2:::::::*`	—

CVE-2024-50379

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:::::::*`	—

CVE-2024-50602

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-404 - Improper Resource Shutdown or Release

Affected products

Known affected 4 products

Product	Identifier	Version
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:24.2.0-24.2.2:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:24.2.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.3.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:24.2.0:::::::*`	—

CVE-2024-53677

9.0 (Critical)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:::::::*`	—

CVE-2024-54677

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:::::::*`	—

CVE-2024-56337

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:::::::*`	—

CVE-2025-21542

6.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Affected products

Known affected 16 products

Product	Identifier	Version
communications_order_and_service_management oracle	`cpe:2.3:a:oracle:communications_order_and_service_management:7.4.0:::::::*`	—
communications_order_and_service_management oracle	`cpe:2.3:a:oracle:communications_order_and_service_management:7.4.1:::::::*`	—
communications_order_and_service_management oracle	`cpe:2.3:a:oracle:communications_order_and_service_management:7.5.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.2.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.26:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.0.0.3:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.1.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.5.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.2:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.3.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications::::::::`	—

CVE-2025-21544

5.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Affected products

Known affected 16 products

Product	Identifier	Version
communications_order_and_service_management oracle	`cpe:2.3:a:oracle:communications_order_and_service_management:7.4.0:::::::*`	—
communications_order_and_service_management oracle	`cpe:2.3:a:oracle:communications_order_and_service_management:7.4.1:::::::*`	—
communications_order_and_service_management oracle	`cpe:2.3:a:oracle:communications_order_and_service_management:7.5.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.2.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.26:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.0.0.3:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.1.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.5.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.2:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.3.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications::::::::`	—

CVE-2025-21554

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected products

Known affected 16 products

Product	Identifier	Version
communications_order_and_service_management oracle	`cpe:2.3:a:oracle:communications_order_and_service_management:7.4.0:::::::*`	—
communications_order_and_service_management oracle	`cpe:2.3:a:oracle:communications_order_and_service_management:7.4.1:::::::*`	—
communications_order_and_service_management oracle	`cpe:2.3:a:oracle:communications_order_and_service_management:7.5.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.2.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.26:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1.0.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.0.0.3:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.1.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.5.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.2:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:3.0.3.3.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications::::::::`	—

References

83 references

URL	Category
https://www.oracle.com/security-alerts/cpujan2025.html	external
https://api.ncsc.nl/velma/v1/vulnerabilities/2022…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Oracle heeft meerdere kwetsbaarheden verholpen in zijn Communicatieproducten, waaronder Oracle Communications Unified Assurance, Oracle Communications Cloud Native Core Network Function en Oracle Communications Order and Service Management.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "De kwetsbaarheden stellen ongeauthenticeerde kwaadwillenden in staat om Denial of Service (DoS) aanvallen uit te voeren of om ongeautoriseerde toegang tot gevoelige gegevens te verkrijgen. Specifieke versies, zoals 24.2.0 en 24.3.0 van de Cloud Native Core Network Function, zijn bijzonder kwetsbaar. Kwaadwillenden kunnen deze kwetsbaarheden misbruiken door speciaal geprepareerde HTTP-verzoeken te sturen naar het kwetsbare systeem.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Dependency on Vulnerable Third-Party Component",
        "title": "CWE-1395"
      },
      {
        "category": "general",
        "text": "Always-Incorrect Control Flow Implementation",
        "title": "CWE-670"
      },
      {
        "category": "general",
        "text": "Asymmetric Resource Consumption (Amplification)",
        "title": "CWE-405"
      },
      {
        "category": "general",
        "text": "Path Traversal: \u0027.../...//\u0027",
        "title": "CWE-35"
      },
      {
        "category": "general",
        "text": "Return of Pointer Value Outside of Expected Range",
        "title": "CWE-466"
      },
      {
        "category": "general",
        "text": "Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)",
        "title": "CWE-338"
      },
      {
        "category": "general",
        "text": "Use of Potentially Dangerous Function",
        "title": "CWE-676"
      },
      {
        "category": "general",
        "text": "Unchecked Input for Loop Condition",
        "title": "CWE-606"
      },
      {
        "category": "general",
        "text": "Multiple Interpretations of UI Input",
        "title": "CWE-450"
      },
      {
        "category": "general",
        "text": "Incorrect Calculation of Buffer Size",
        "title": "CWE-131"
      },
      {
        "category": "general",
        "text": "Use of Weak Hash",
        "title": "CWE-328"
      },
      {
        "category": "general",
        "text": "Improper Handling of Length Parameter Inconsistency",
        "title": "CWE-130"
      },
      {
        "category": "general",
        "text": "Incorrect Resource Transfer Between Spheres",
        "title": "CWE-669"
      },
      {
        "category": "general",
        "text": "Insufficient Granularity of Access Control",
        "title": "CWE-1220"
      },
      {
        "category": "general",
        "text": "Insertion of Sensitive Information Into Sent Data",
        "title": "CWE-201"
      },
      {
        "category": "general",
        "text": "Acceptance of Extraneous Untrusted Data With Trusted Data",
        "title": "CWE-349"
      },
      {
        "category": "general",
        "text": "Improper Handling of Exceptional Conditions",
        "title": "CWE-755"
      },
      {
        "category": "general",
        "text": "Improper Verification of Cryptographic Signature",
        "title": "CWE-347"
      },
      {
        "category": "general",
        "text": "Excessive Iteration",
        "title": "CWE-834"
      },
      {
        "category": "general",
        "text": "Improper Handling of Case Sensitivity",
        "title": "CWE-178"
      },
      {
        "category": "general",
        "text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
        "title": "CWE-367"
      },
      {
        "category": "general",
        "text": "Expected Behavior Violation",
        "title": "CWE-440"
      },
      {
        "category": "general",
        "text": "Double Free",
        "title": "CWE-415"
      },
      {
        "category": "general",
        "text": "Missing Encryption of Sensitive Data",
        "title": "CWE-311"
      },
      {
        "category": "general",
        "text": "Improper Enforcement of Message Integrity During Transmission in a Communication Channel",
        "title": "CWE-924"
      },
      {
        "category": "general",
        "text": "Improper Check for Unusual or Exceptional Conditions",
        "title": "CWE-754"
      },
      {
        "category": "general",
        "text": "Improper Check or Handling of Exceptional Conditions",
        "title": "CWE-703"
      },
      {
        "category": "general",
        "text": "Reachable Assertion",
        "title": "CWE-617"
      },
      {
        "category": "general",
        "text": "Uncontrolled Search Path Element",
        "title": "CWE-427"
      },
      {
        "category": "general",
        "text": "Use of Password Hash Instead of Password for Authentication",
        "title": "CWE-836"
      },
      {
        "category": "general",
        "text": "Integer Overflow to Buffer Overflow",
        "title": "CWE-680"
      },
      {
        "category": "general",
        "text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
        "title": "CWE-843"
      },
      {
        "category": "general",
        "text": "Relative Path Traversal",
        "title": "CWE-23"
      },
      {
        "category": "general",
        "text": "Improper Encoding or Escaping of Output",
        "title": "CWE-116"
      },
      {
        "category": "general",
        "text": "Insufficient Verification of Data Authenticity",
        "title": "CWE-345"
      },
      {
        "category": "general",
        "text": "Observable Discrepancy",
        "title": "CWE-203"
      },
      {
        "category": "general",
        "text": "Improper Validation of Integrity Check Value",
        "title": "CWE-354"
      },
      {
        "category": "general",
        "text": "Missing Cryptographic Step",
        "title": "CWE-325"
      },
      {
        "category": "general",
        "text": "Integer Overflow or Wraparound",
        "title": "CWE-190"
      },
      {
        "category": "general",
        "text": "User Interface (UI) Misrepresentation of Critical Information",
        "title": "CWE-451"
      },
      {
        "category": "general",
        "text": "UNIX Symbolic Link (Symlink) Following",
        "title": "CWE-61"
      },
      {
        "category": "general",
        "text": "Files or Directories Accessible to External Parties",
        "title": "CWE-552"
      },
      {
        "category": "general",
        "text": "Authorization Bypass Through User-Controlled Key",
        "title": "CWE-639"
      },
      {
        "category": "general",
        "text": "Use of Hard-coded Credentials",
        "title": "CWE-798"
      },
      {
        "category": "general",
        "text": "Unrestricted Upload of File with Dangerous Type",
        "title": "CWE-434"
      },
      {
        "category": "general",
        "text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
        "title": "CWE-362"
      },
      {
        "category": "general",
        "text": "Improper Resource Shutdown or Release",
        "title": "CWE-404"
      },
      {
        "category": "general",
        "text": "Improper Access Control",
        "title": "CWE-284"
      },
      {
        "category": "general",
        "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
        "title": "CWE-119"
      },
      {
        "category": "general",
        "text": "Inefficient Regular Expression Complexity",
        "title": "CWE-1333"
      },
      {
        "category": "general",
        "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
        "title": "CWE-1321"
      },
      {
        "category": "general",
        "text": "Use After Free",
        "title": "CWE-416"
      },
      {
        "category": "general",
        "text": "NULL Pointer Dereference",
        "title": "CWE-476"
      },
      {
        "category": "general",
        "text": "Use of a Broken or Risky Cryptographic Algorithm",
        "title": "CWE-327"
      },
      {
        "category": "general",
        "text": "Uncontrolled Resource Consumption",
        "title": "CWE-400"
      },
      {
        "category": "general",
        "text": "Allocation of Resources Without Limits or Throttling",
        "title": "CWE-770"
      },
      {
        "category": "general",
        "text": "Deserialization of Untrusted Data",
        "title": "CWE-502"
      },
      {
        "category": "general",
        "text": "Uncaught Exception",
        "title": "CWE-248"
      },
      {
        "category": "general",
        "text": "Uncontrolled Recursion",
        "title": "CWE-674"
      },
      {
        "category": "general",
        "text": "Incorrect Authorization",
        "title": "CWE-863"
      },
      {
        "category": "general",
        "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
        "title": "CWE-22"
      },
      {
        "category": "general",
        "text": "Improper Restriction of XML External Entity Reference",
        "title": "CWE-611"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Write",
        "title": "CWE-787"
      },
      {
        "category": "general",
        "text": "Exposure of Sensitive Information to an Unauthorized Actor",
        "title": "CWE-200"
      },
      {
        "category": "general",
        "text": "Heap-based Buffer Overflow",
        "title": "CWE-122"
      },
      {
        "category": "general",
        "text": "Stack-based Buffer Overflow",
        "title": "CWE-121"
      },
      {
        "category": "general",
        "text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
        "title": "CWE-120"
      },
      {
        "category": "general",
        "text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
        "title": "CWE-835"
      },
      {
        "category": "general",
        "text": "Improper Privilege Management",
        "title": "CWE-269"
      },
      {
        "category": "general",
        "text": "Improper Input Validation",
        "title": "CWE-20"
      },
      {
        "category": "general",
        "text": "Generation of Error Message Containing Sensitive Information",
        "title": "CWE-209"
      },
      {
        "category": "general",
        "text": "Incorrect Default Permissions",
        "title": "CWE-276"
      },
      {
        "category": "general",
        "text": "Authentication Bypass by Capture-replay",
        "title": "CWE-294"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
        "title": "CWE-79"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference - cveprojectv5; nvd; oracle",
        "url": "https://www.oracle.com/security-alerts/cpujan2025.html"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Oracle Communications",
    "tracking": {
      "current_release_date": "2025-01-22T13:30:50.189632Z",
      "id": "NCSC-2025-0021",
      "initial_release_date": "2025-01-22T13:30:50.189632Z",
      "revision_history": [
        {
          "date": "2025-01-22T13:30:50.189632Z",
          "number": "0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1727475",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635313",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:10.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635305",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:12.11.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635311",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:12.11.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635312",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:12.11.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635323",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:12.6.1.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1670430",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:14.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1674632",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:14.0.0.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1674630",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:14.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635320",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:15.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1674633",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:17.0.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1670439",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:22.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635322",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:23.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1670429",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:23.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1670435",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:23.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1670431",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:23.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1670436",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:23.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1670432",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:23.3.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635321",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635310",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:23.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635318",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:23.4.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1674640",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:23.4.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1674642",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:23.4.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1670434",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:24.1.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635316",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:24.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1674639",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:24.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635314",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:24.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1674638",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:24.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1674637",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:24.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635306",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:4.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635307",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:4.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635317",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:46.6.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635319",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:46.6.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1670438",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635324",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:5.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635315",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:5.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1670433",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:9.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1674641",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:9.0.1.10.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1674635",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:9.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1674636",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:9.1.1.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1670437",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:9.1.1.7.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1674631",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:9.1.1.9.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1674634",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:9.1.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635308",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:9.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635309",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:9.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications__10.4.0.4",
            "product": {
              "name": "communications__10.4.0.4",
              "product_id": "CSAFPID-1674629",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications__10.4.0.4:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications___23.4.2",
            "product": {
              "name": "communications___23.4.2",
              "product_id": "CSAFPID-1670442",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications___23.4.2:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications___23.4.3",
            "product": {
              "name": "communications___23.4.3",
              "product_id": "CSAFPID-1635325",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications___23.4.3:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications___23.4.4",
            "product": {
              "name": "communications___23.4.4",
              "product_id": "CSAFPID-1635326",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications___23.4.4:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications___23.4.5",
            "product": {
              "name": "communications___23.4.5",
              "product_id": "CSAFPID-1674645",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications___23.4.5:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications___23.4.6",
            "product": {
              "name": "communications___23.4.6",
              "product_id": "CSAFPID-1674646",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications___23.4.6:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications___24.2.0",
            "product": {
              "name": "communications___24.2.0",
              "product_id": "CSAFPID-1674644",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications___24.2.0:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications___7.2.1.0.0",
            "product": {
              "name": "communications___7.2.1.0.0",
              "product_id": "CSAFPID-1670441",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications___7.2.1.0.0:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications___8.6.0.6",
            "product": {
              "name": "communications___8.6.0.6",
              "product_id": "CSAFPID-1635327",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications___8.6.0.6:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications___8.6.0.8",
            "product": {
              "name": "communications___8.6.0.8",
              "product_id": "CSAFPID-1635328",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications___8.6.0.8:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications___9.0.2",
            "product": {
              "name": "communications___9.0.2",
              "product_id": "CSAFPID-1670440",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications___9.0.2:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications___9.0.3",
            "product": {
              "name": "communications___9.0.3",
              "product_id": "CSAFPID-1635329",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications___9.0.3:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications___9.1.1.8.0",
            "product": {
              "name": "communications___9.1.1.8.0",
              "product_id": "CSAFPID-1674643",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications___9.1.1.8.0:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications",
            "product": {
              "name": "communications_applications",
              "product_id": "CSAFPID-1751386",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications",
            "product": {
              "name": "communications_applications",
              "product_id": "CSAFPID-1674621",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications:15.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications",
            "product": {
              "name": "communications_applications",
              "product_id": "CSAFPID-1751381",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications:15.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications",
            "product": {
              "name": "communications_applications",
              "product_id": "CSAFPID-1751383",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications:15.0.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications",
            "product": {
              "name": "communications_applications",
              "product_id": "CSAFPID-1751378",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications:3.0.2.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications",
            "product": {
              "name": "communications_applications",
              "product_id": "CSAFPID-1751377",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications:3.0.3.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications",
            "product": {
              "name": "communications_applications",
              "product_id": "CSAFPID-1751385",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications:3.0.3.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications",
            "product": {
              "name": "communications_applications",
              "product_id": "CSAFPID-1674618",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications:6.0.1.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications",
            "product": {
              "name": "communications_applications",
              "product_id": "CSAFPID-1674619",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications:7.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications",
            "product": {
              "name": "communications_applications",
              "product_id": "CSAFPID-1674622",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications:7.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications",
            "product": {
              "name": "communications_applications",
              "product_id": "CSAFPID-1751384",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications:7.4.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications",
            "product": {
              "name": "communications_applications",
              "product_id": "CSAFPID-1674617",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications:7.4.3.0.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications",
            "product": {
              "name": "communications_applications",
              "product_id": "CSAFPID-1674623",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications:7.5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications",
            "product": {
              "name": "communications_applications",
              "product_id": "CSAFPID-1751382",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications:8.0.0.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications",
            "product": {
              "name": "communications_applications",
              "product_id": "CSAFPID-1751380",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications:8.1.0.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications",
            "product": {
              "name": "communications_applications",
              "product_id": "CSAFPID-1751379",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications:8.1.0.26:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications",
            "product": {
              "name": "communications_applications",
              "product_id": "CSAFPID-1674620",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications:8.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications___12.0.6.0.0",
            "product": {
              "name": "communications_applications___12.0.6.0.0",
              "product_id": "CSAFPID-1674627",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications___12.0.6.0.0:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications___5.5.22",
            "product": {
              "name": "communications_applications___5.5.22",
              "product_id": "CSAFPID-1674626",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications___5.5.22:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications___6.0.3",
            "product": {
              "name": "communications_applications___6.0.3",
              "product_id": "CSAFPID-1674628",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications___6.0.3:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications___6.0.4",
            "product": {
              "name": "communications_applications___6.0.4",
              "product_id": "CSAFPID-1674624",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications___6.0.4:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications___6.0.5",
            "product": {
              "name": "communications_applications___6.0.5",
              "product_id": "CSAFPID-1674625",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications___6.0.5:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_asap",
            "product": {
              "name": "communications_asap",
              "product_id": "CSAFPID-816792",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_billing_and_revenue_management",
            "product": {
              "name": "communications_billing_and_revenue_management",
              "product_id": "CSAFPID-764735",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_billing_and_revenue_management",
            "product": {
              "name": "communications_billing_and_revenue_management",
              "product_id": "CSAFPID-1751255",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.4-12.0.0.8:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_billing_and_revenue_management",
            "product": {
              "name": "communications_billing_and_revenue_management",
              "product_id": "CSAFPID-1751254",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0-15.0.0.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_billing_and_revenue_management",
            "product": {
              "name": "communications_billing_and_revenue_management",
              "product_id": "CSAFPID-816793",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_billing_and_revenue_management",
            "product": {
              "name": "communications_billing_and_revenue_management",
              "product_id": "CSAFPID-912557",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_brm_-_elastic_charging_engine",
            "product": {
              "name": "communications_brm_-_elastic_charging_engine",
              "product_id": "CSAFPID-764247",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_brm_-_elastic_charging_engine",
            "product": {
              "name": "communications_brm_-_elastic_charging_engine",
              "product_id": "CSAFPID-1650820",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.4-12.0.0.8:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_brm_-_elastic_charging_engine",
            "product": {
              "name": "communications_brm_-_elastic_charging_engine",
              "product_id": "CSAFPID-912556",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_brm_-_elastic_charging_engine",
            "product": {
              "name": "communications_brm_-_elastic_charging_engine",
              "product_id": "CSAFPID-1751303",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_automated_test_suite",
            "product": {
              "name": "communications_cloud_native_core_automated_test_suite",
              "product_id": "CSAFPID-220055",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_automated_test_suite",
            "product": {
              "name": "communications_cloud_native_core_automated_test_suite",
              "product_id": "CSAFPID-816765",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_automated_test_suite",
            "product": {
              "name": "communications_cloud_native_core_automated_test_suite",
              "product_id": "CSAFPID-816766",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_automated_test_suite",
            "product": {
              "name": "communications_cloud_native_core_automated_test_suite",
              "product_id": "CSAFPID-816767",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_automated_test_suite",
            "product": {
              "name": "communications_cloud_native_core_automated_test_suite",
              "product_id": "CSAFPID-1503577",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_automated_test_suite",
            "product": {
              "name": "communications_cloud_native_core_automated_test_suite",
              "product_id": "CSAFPID-1751300",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:24.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-764237",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-1650752",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-1673396",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-1751085",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:24.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-1751079",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:24.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_certificate_management",
            "product": {
              "name": "communications_cloud_native_core_certificate_management",
              "product_id": "CSAFPID-1673526",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:23.4.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_certificate_management",
            "product": {
              "name": "communications_cloud_native_core_certificate_management",
              "product_id": "CSAFPID-1673391",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:23.4.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_certificate_management",
            "product": {
              "name": "communications_cloud_native_core_certificate_management",
              "product_id": "CSAFPID-1673394",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:24.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_certificate_management",
            "product": {
              "name": "communications_cloud_native_core_certificate_management",
              "product_id": "CSAFPID-1751253",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:24.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-816768",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-816769",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-912085",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-1503578",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-1673389",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-1673390",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:24.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-1751090",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:24.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_dbtier",
            "product": {
              "name": "communications_cloud_native_core_dbtier",
              "product_id": "CSAFPID-1673421",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_dbtier",
            "product": {
              "name": "communications_cloud_native_core_dbtier",
              "product_id": "CSAFPID-1673420",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_dbtier",
            "product": {
              "name": "communications_cloud_native_core_dbtier",
              "product_id": "CSAFPID-1751246",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_data_analytics_function",
            "product": {
              "name": "communications_cloud_native_core_network_data_analytics_function",
              "product_id": "CSAFPID-816770",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:23.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_data_analytics_function",
            "product": {
              "name": "communications_cloud_native_core_network_data_analytics_function",
              "product_id": "CSAFPID-816771",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_data_analytics_function",
            "product": {
              "name": "communications_cloud_native_core_network_data_analytics_function",
              "product_id": "CSAFPID-912068",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_data_analytics_function",
            "product": {
              "name": "communications_cloud_native_core_network_data_analytics_function",
              "product_id": "CSAFPID-1503579",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_exposure_function",
            "product": {
              "name": "communications_cloud_native_core_network_exposure_function",
              "product_id": "CSAFPID-816772",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_exposure_function",
            "product": {
              "name": "communications_cloud_native_core_network_exposure_function",
              "product_id": "CSAFPID-912076",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_exposure_function",
            "product": {
              "name": "communications_cloud_native_core_network_exposure_function",
              "product_id": "CSAFPID-1503580",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-219838",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-611387",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-816773",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-912101",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-1503581",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-1751208",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-1751209",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-912539",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_install_upgrade___23.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-912540",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_install_upgrade___23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-912541",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_installation___23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-912542",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_obserability_services_overlay___23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-912543",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_observability_services_overlay___23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-816774",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.1.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-816346",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-912077",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-1503322",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-1673413",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-1673415",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:24.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-1751231",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:24.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-816775",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:_install_upgrade___23.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-912544",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:_install_upgrade___23.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_slice_selection_function",
            "product": {
              "name": "communications_cloud_native_core_network_slice_selection_function",
              "product_id": "CSAFPID-816348",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_slice_selection_function",
            "product": {
              "name": "communications_cloud_native_core_network_slice_selection_function",
              "product_id": "CSAFPID-912545",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_slice_selection_function",
            "product": {
              "name": "communications_cloud_native_core_network_slice_selection_function",
              "product_id": "CSAFPID-816347",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_slice_selection_function",
            "product": {
              "name": "communications_cloud_native_core_network_slice_selection_function",
              "product_id": "CSAFPID-1673494",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:24.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_slice_selection_function",
            "product": {
              "name": "communications_cloud_native_core_network_slice_selection_function",
              "product_id": "CSAFPID-816776",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:_install_upgrade___23.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_slice_selection_function",
            "product": {
              "name": "communications_cloud_native_core_network_slice_selection_function",
              "product_id": "CSAFPID-816777",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:_install_upgrade___23.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_policy",
            "product": {
              "name": "communications_cloud_native_core_policy",
              "product_id": "CSAFPID-764240",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_policy",
            "product": {
              "name": "communications_cloud_native_core_policy",
              "product_id": "CSAFPID-1650751",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_policy",
            "product": {
              "name": "communications_cloud_native_core_policy",
              "product_id": "CSAFPID-1673517",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_policy",
            "product": {
              "name": "communications_cloud_native_core_policy",
              "product_id": "CSAFPID-1673395",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_policy",
            "product": {
              "name": "communications_cloud_native_core_policy",
              "product_id": "CSAFPID-912069",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_policy",
            "product": {
              "name": "communications_cloud_native_core_policy",
              "product_id": "CSAFPID-1751225",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:24.2.0-24.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_policy",
            "product": {
              "name": "communications_cloud_native_core_policy",
              "product_id": "CSAFPID-1751088",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:24.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_policy",
            "product": {
              "name": "communications_cloud_native_core_policy",
              "product_id": "CSAFPID-1751089",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:24.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-94291",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-816778",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-614517",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-912547",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-1673392",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-1503582",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-1673393",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-1751081",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-1751084",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-912546",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:_automated_test_suite___23.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_service_communication_proxy",
            "product": {
              "name": "communications_cloud_native_core_service_communication_proxy",
              "product_id": "CSAFPID-224795",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_service_communication_proxy",
            "product": {
              "name": "communications_cloud_native_core_service_communication_proxy",
              "product_id": "CSAFPID-912548",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_service_communication_proxy",
            "product": {
              "name": "communications_cloud_native_core_service_communication_proxy",
              "product_id": "CSAFPID-912102",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_service_communication_proxy",
            "product": {
              "name": "communications_cloud_native_core_service_communication_proxy",
              "product_id": "CSAFPID-912549",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_service_communication_proxy",
            "product": {
              "name": "communications_cloud_native_core_service_communication_proxy",
              "product_id": "CSAFPID-1503583",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_service_communication_proxy",
            "product": {
              "name": "communications_cloud_native_core_service_communication_proxy",
              "product_id": "CSAFPID-1503584",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_service_communication_proxy",
            "product": {
              "name": "communications_cloud_native_core_service_communication_proxy",
              "product_id": "CSAFPID-1503585",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_service_communication_proxy",
            "product": {
              "name": "communications_cloud_native_core_service_communication_proxy",
              "product_id": "CSAFPID-1672767",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_service_communication_proxy",
            "product": {
              "name": "communications_cloud_native_core_service_communication_proxy",
              "product_id": "CSAFPID-1751241",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-764826",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-90016",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-912078",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-816349",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-912550",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.3.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-1503586",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-1503587",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-1751238",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-1751240",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-1673399",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-1751239",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-1751080",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-1751082",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-816779",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:_signaling___23.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_converged_application_server",
            "product": {
              "name": "communications_converged_application_server",
              "product_id": "CSAFPID-1751229",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_converged_application_server:8.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_converged_application_server",
            "product": {
              "name": "communications_converged_application_server",
              "product_id": "CSAFPID-1751230",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_converged_application_server:8.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_converged_charging_system",
            "product": {
              "name": "communications_converged_charging_system",
              "product_id": "CSAFPID-1503599",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_converged_charging_system",
            "product": {
              "name": "communications_converged_charging_system",
              "product_id": "CSAFPID-1503600",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_convergence",
            "product": {
              "name": "communications_convergence",
              "product_id": "CSAFPID-1751292",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_convergence:3.0.2.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_convergence",
            "product": {
              "name": "communications_convergence",
              "product_id": "CSAFPID-1751294",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_convergence:3.0.3.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_convergence",
            "product": {
              "name": "communications_convergence",
              "product_id": "CSAFPID-224793",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_convergence:3.0.3.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_convergence",
            "product": {
              "name": "communications_convergence",
              "product_id": "CSAFPID-1751295",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_convergence:3.0.3.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_convergence",
            "product": {
              "name": "communications_convergence",
              "product_id": "CSAFPID-816794",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_convergence:3.0.3.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_convergent_charging_controller",
            "product": {
              "name": "communications_convergent_charging_controller",
              "product_id": "CSAFPID-342793",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_convergent_charging_controller:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_convergent_charging_controller",
            "product": {
              "name": "communications_convergent_charging_controller",
              "product_id": "CSAFPID-1650777",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_convergent_charging_controller:12.0.1.0.0-12.0.6.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_convergent_charging_controller",
            "product": {
              "name": "communications_convergent_charging_controller",
              "product_id": "CSAFPID-1265",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_convergent_charging_controller:12.0.6.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_convergent_charging_controller",
            "product": {
              "name": "communications_convergent_charging_controller",
              "product_id": "CSAFPID-816350",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_convergent_charging_controller:15.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_convergent_charging_controller",
            "product": {
              "name": "communications_convergent_charging_controller",
              "product_id": "CSAFPID-1261",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_core_session_manager",
            "product": {
              "name": "communications_core_session_manager",
              "product_id": "CSAFPID-1672764",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_core_session_manager:9.1.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-1503588",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-1751104",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.3.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-40293",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.6.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-1751242",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.6.0.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-1751237",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0.0.0.0-9.0.2.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-1751097",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-611413",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-1751211",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-912551",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:_patches___9.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-912552",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:_platform___9.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_eagle_element_management_system",
            "product": {
              "name": "communications_eagle_element_management_system",
              "product_id": "CSAFPID-1503316",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_eagle_element_management_system",
            "product": {
              "name": "communications_eagle_element_management_system",
              "product_id": "CSAFPID-1503317",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_eagle_element_management_system",
            "product": {
              "name": "communications_eagle_element_management_system",
              "product_id": "CSAFPID-1751243",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_eagle_element_management_system:47.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_element_manager",
            "product": {
              "name": "communications_element_manager",
              "product_id": "CSAFPID-764242",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_element_manager:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_element_manager",
            "product": {
              "name": "communications_element_manager",
              "product_id": "CSAFPID-819413",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_element_manager:9.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_element_manager",
            "product": {
              "name": "communications_element_manager",
              "product_id": "CSAFPID-819414",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_element_manager:9.0.2.0.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_element_manager",
            "product": {
              "name": "communications_element_manager",
              "product_id": "CSAFPID-816780",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_element_manager:9.4.53:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_fraud_monitor",
            "product": {
              "name": "communications_fraud_monitor",
              "product_id": "CSAFPID-816781",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_fraud_monitor:5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_fraud_monitor",
            "product": {
              "name": "communications_fraud_monitor",
              "product_id": "CSAFPID-816782",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_fraud_monitor:5.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_fraud_monitor",
            "product": {
              "name": "communications_fraud_monitor",
              "product_id": "CSAFPID-912553",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_fraud_monitor:5.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_instant_messaging_server",
            "product": {
              "name": "communications_instant_messaging_server",
              "product_id": "CSAFPID-219803",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.7.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_ip_service_activator",
            "product": {
              "name": "communications_ip_service_activator",
              "product_id": "CSAFPID-204622",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_ip_service_activator:7.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_ip_service_activator",
            "product": {
              "name": "communications_ip_service_activator",
              "product_id": "CSAFPID-219909",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_ip_service_activator:7.5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_messaging_server",
            "product": {
              "name": "communications_messaging_server",
              "product_id": "CSAFPID-816351",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_messaging_server:8.1.0.24.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_messaging_server",
            "product": {
              "name": "communications_messaging_server",
              "product_id": "CSAFPID-1751218",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_messaging_server:8.1.0.26:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_metasolv_solution",
            "product": {
              "name": "communications_metasolv_solution",
              "product_id": "CSAFPID-611595",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_metasolv_solution:6.3.1.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_analytics_data_director",
            "product": {
              "name": "communications_network_analytics_data_director",
              "product_id": "CSAFPID-816353",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.2.0.0.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_analytics_data_director",
            "product": {
              "name": "communications_network_analytics_data_director",
              "product_id": "CSAFPID-816352",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.3.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_analytics_data_director",
            "product": {
              "name": "communications_network_analytics_data_director",
              "product_id": "CSAFPID-1503589",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_analytics_data_director",
            "product": {
              "name": "communications_network_analytics_data_director",
              "product_id": "CSAFPID-1503590",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_analytics_data_director",
            "product": {
              "name": "communications_network_analytics_data_director",
              "product_id": "CSAFPID-1673414",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:24.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_analytics_data_director",
            "product": {
              "name": "communications_network_analytics_data_director",
              "product_id": "CSAFPID-816783",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:_general___23.2.0.0.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_analytics_data_director",
            "product": {
              "name": "communications_network_analytics_data_director",
              "product_id": "CSAFPID-816786",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:_general___23.3.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_analytics_data_director",
            "product": {
              "name": "communications_network_analytics_data_director",
              "product_id": "CSAFPID-816784",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:_install_upgrade___23.2.0.0.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_analytics_data_director",
            "product": {
              "name": "communications_network_analytics_data_director",
              "product_id": "CSAFPID-816787",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:_install_upgrade___23.3.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_analytics_data_director",
            "product": {
              "name": "communications_network_analytics_data_director",
              "product_id": "CSAFPID-816785",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:_third_party___23.2.0.0.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_analytics_data_director",
            "product": {
              "name": "communications_network_analytics_data_director",
              "product_id": "CSAFPID-816788",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:_third_party___23.3.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_charging_and_control",
            "product": {
              "name": "communications_network_charging_and_control",
              "product_id": "CSAFPID-342803",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_charging_and_control:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_charging_and_control",
            "product": {
              "name": "communications_network_charging_and_control",
              "product_id": "CSAFPID-1650778",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.1.0.0-12.0.6.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_charging_and_control",
            "product": {
              "name": "communications_network_charging_and_control",
              "product_id": "CSAFPID-1266",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.6.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_charging_and_control",
            "product": {
              "name": "communications_network_charging_and_control",
              "product_id": "CSAFPID-816354",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_charging_and_control",
            "product": {
              "name": "communications_network_charging_and_control",
              "product_id": "CSAFPID-204563",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_integrity",
            "product": {
              "name": "communications_network_integrity",
              "product_id": "CSAFPID-219776",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_integrity:7.3.6.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_offline_mediation_controller",
            "product": {
              "name": "communications_offline_mediation_controller",
              "product_id": "CSAFPID-765242",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_offline_mediation_controller:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_offline_mediation_controller",
            "product": {
              "name": "communications_offline_mediation_controller",
              "product_id": "CSAFPID-916906",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_offline_mediation_controller:12.0.0.8:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_offline_mediation_controller",
            "product": {
              "name": "communications_offline_mediation_controller",
              "product_id": "CSAFPID-1751247",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_offline_mediation_controller:15.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_offline_mediation_controller",
            "product": {
              "name": "communications_offline_mediation_controller",
              "product_id": "CSAFPID-1751248",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_offline_mediation_controller:15.0.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_operations_monitor",
            "product": {
              "name": "communications_operations_monitor",
              "product_id": "CSAFPID-93781",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_operations_monitor",
            "product": {
              "name": "communications_operations_monitor",
              "product_id": "CSAFPID-220132",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_operations_monitor:5.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_operations_monitor",
            "product": {
              "name": "communications_operations_monitor",
              "product_id": "CSAFPID-912079",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_operations_monitor:5.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_order_and_service_management",
            "product": {
              "name": "communications_order_and_service_management",
              "product_id": "CSAFPID-224790",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_order_and_service_management:7.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_order_and_service_management",
            "product": {
              "name": "communications_order_and_service_management",
              "product_id": "CSAFPID-221118",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_order_and_service_management:7.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_order_and_service_management",
            "product": {
              "name": "communications_order_and_service_management",
              "product_id": "CSAFPID-1673496",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_order_and_service_management:7.5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_performance_intelligence",
            "product": {
              "name": "communications_performance_intelligence",
              "product_id": "CSAFPID-1503591",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_performance_intelligence:10.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_policy_management",
            "product": {
              "name": "communications_policy_management",
              "product_id": "CSAFPID-816789",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_policy_management:12.6.1.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_policy_management",
            "product": {
              "name": "communications_policy_management",
              "product_id": "CSAFPID-816790",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_pricing_design_center",
            "product": {
              "name": "communications_pricing_design_center",
              "product_id": "CSAFPID-764738",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_pricing_design_center:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_pricing_design_center",
            "product": {
              "name": "communications_pricing_design_center",
              "product_id": "CSAFPID-816355",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_pricing_design_center:15.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_service_catalog_and_design",
            "product": {
              "name": "communications_service_catalog_and_design",
              "product_id": "CSAFPID-1503601",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_service_catalog_and_design",
            "product": {
              "name": "communications_service_catalog_and_design",
              "product_id": "CSAFPID-816359",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:7.4.0.7.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_service_catalog_and_design",
            "product": {
              "name": "communications_service_catalog_and_design",
              "product_id": "CSAFPID-816358",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:7.4.1.5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_service_catalog_and_design",
            "product": {
              "name": "communications_service_catalog_and_design",
              "product_id": "CSAFPID-816357",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:7.4.2.8.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_service_catalog_and_design",
            "product": {
              "name": "communications_service_catalog_and_design",
              "product_id": "CSAFPID-912558",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_service_catalog_and_design",
            "product": {
              "name": "communications_service_catalog_and_design",
              "product_id": "CSAFPID-1751233",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_service_catalog_and_design",
            "product": {
              "name": "communications_service_catalog_and_design",
              "product_id": "CSAFPID-1503602",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_service_catalog_and_design",
            "product": {
              "name": "communications_service_catalog_and_design",
              "product_id": "CSAFPID-1751234",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:8.1.0.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_service_catalog_and_design",
            "product": {
              "name": "communications_service_catalog_and_design",
              "product_id": "CSAFPID-816795",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:_psr_designer___7.4.0.7.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_service_catalog_and_design",
            "product": {
              "name": "communications_service_catalog_and_design",
              "product_id": "CSAFPID-816796",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:_psr_designer___7.4.1.5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_service_catalog_and_design",
            "product": {
              "name": "communications_service_catalog_and_design",
              "product_id": "CSAFPID-816797",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:_psr_designer___7.4.2.8.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_border_controller",
            "product": {
              "name": "communications_session_border_controller",
              "product_id": "CSAFPID-1503592",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_border_controller:4.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_border_controller",
            "product": {
              "name": "communications_session_border_controller",
              "product_id": "CSAFPID-1503593",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_border_controller:4.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_border_controller",
            "product": {
              "name": "communications_session_border_controller",
              "product_id": "CSAFPID-1672762",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_border_controller:9.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_border_controller",
            "product": {
              "name": "communications_session_border_controller",
              "product_id": "CSAFPID-1503594",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_border_controller",
            "product": {
              "name": "communications_session_border_controller",
              "product_id": "CSAFPID-1503595",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_report_manager",
            "product": {
              "name": "communications_session_report_manager",
              "product_id": "CSAFPID-342804",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_report_manager",
            "product": {
              "name": "communications_session_report_manager",
              "product_id": "CSAFPID-819415",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:9.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_report_manager",
            "product": {
              "name": "communications_session_report_manager",
              "product_id": "CSAFPID-819416",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:9.0.2.0.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_report_manager",
            "product": {
              "name": "communications_session_report_manager",
              "product_id": "CSAFPID-816791",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:9.4.53:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_assurance",
            "product": {
              "name": "communications_unified_assurance",
              "product_id": "CSAFPID-240600",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_assurance:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_assurance",
            "product": {
              "name": "communications_unified_assurance",
              "product_id": "CSAFPID-1673382",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_assurance:5.5.0-5.5.22:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_assurance",
            "product": {
              "name": "communications_unified_assurance",
              "product_id": "CSAFPID-1650731",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_assurance",
            "product": {
              "name": "communications_unified_assurance",
              "product_id": "CSAFPID-1673530",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_assurance",
            "product": {
              "name": "communications_unified_assurance",
              "product_id": "CSAFPID-1751235",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.1-6.0.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_assurance",
            "product": {
              "name": "communications_unified_assurance",
              "product_id": "CSAFPID-1751296",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.4-6.0.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_inventory_management",
            "product": {
              "name": "communications_unified_inventory_management",
              "product_id": "CSAFPID-764739",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_inventory_management",
            "product": {
              "name": "communications_unified_inventory_management",
              "product_id": "CSAFPID-8984",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_inventory_management",
            "product": {
              "name": "communications_unified_inventory_management",
              "product_id": "CSAFPID-204510",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_inventory_management",
            "product": {
              "name": "communications_unified_inventory_management",
              "product_id": "CSAFPID-204569",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_inventory_management",
            "product": {
              "name": "communications_unified_inventory_management",
              "product_id": "CSAFPID-219826",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_inventory_management",
            "product": {
              "name": "communications_unified_inventory_management",
              "product_id": "CSAFPID-912073",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_user_data_repository",
            "product": {
              "name": "communications_user_data_repository",
              "product_id": "CSAFPID-1503596",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.11.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_user_data_repository",
            "product": {
              "name": "communications_user_data_repository",
              "product_id": "CSAFPID-1503597",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.11.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_user_data_repository",
            "product": {
              "name": "communications_user_data_repository",
              "product_id": "CSAFPID-1503598",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.11.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_user_data_repository",
            "product": {
              "name": "communications_user_data_repository",
              "product_id": "CSAFPID-1751217",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.11:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_user_data_repository",
            "product": {
              "name": "communications_user_data_repository",
              "product_id": "CSAFPID-912080",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_user_data_repository:14.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_user_data_repository",
            "product": {
              "name": "communications_user_data_repository",
              "product_id": "CSAFPID-1673481",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_user_data_repository:14.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_user_data_repository",
            "product": {
              "name": "communications_user_data_repository",
              "product_id": "CSAFPID-1751258",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_user_data_repository:15.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_webrtc_session_controller",
            "product": {
              "name": "communications_webrtc_session_controller",
              "product_id": "CSAFPID-912554",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_webrtc_session_controller:*:*:*:*:*:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "oracle"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-41727",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673530"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-41727",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-41727.json"
        }
      ],
      "title": "CVE-2022-41727"
    },
    {
      "cve": "CVE-2023-4408",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-4408",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4408.json"
        }
      ],
      "title": "CVE-2023-4408"
    },
    {
      "cve": "CVE-2023-5678",
      "cwe": {
        "id": "CWE-754",
        "name": "Improper Check for Unusual or Exceptional Conditions"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Check for Unusual or Exceptional Conditions",
          "title": "CWE-754"
        },
        {
          "category": "other",
          "text": "Missing Cryptographic Step",
          "title": "CWE-325"
        },
        {
          "category": "other",
          "text": "Unchecked Input for Loop Condition",
          "title": "CWE-606"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-764237",
          "CSAFPID-912068",
          "CSAFPID-912076",
          "CSAFPID-611387",
          "CSAFPID-816773",
          "CSAFPID-816348",
          "CSAFPID-764240",
          "CSAFPID-614517",
          "CSAFPID-224795",
          "CSAFPID-764826",
          "CSAFPID-90016",
          "CSAFPID-611413",
          "CSAFPID-764242",
          "CSAFPID-816781",
          "CSAFPID-816782",
          "CSAFPID-93781",
          "CSAFPID-220132",
          "CSAFPID-342804",
          "CSAFPID-764247",
          "CSAFPID-764735",
          "CSAFPID-219776",
          "CSAFPID-765242",
          "CSAFPID-764739",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-219826",
          "CSAFPID-912073",
          "CSAFPID-912101",
          "CSAFPID-912102",
          "CSAFPID-912539",
          "CSAFPID-912540",
          "CSAFPID-912541",
          "CSAFPID-912542",
          "CSAFPID-912543",
          "CSAFPID-912544",
          "CSAFPID-912545",
          "CSAFPID-912546",
          "CSAFPID-912547",
          "CSAFPID-912548",
          "CSAFPID-912549",
          "CSAFPID-912550",
          "CSAFPID-912551",
          "CSAFPID-912552",
          "CSAFPID-912553",
          "CSAFPID-912554",
          "CSAFPID-912556",
          "CSAFPID-912557",
          "CSAFPID-912558",
          "CSAFPID-912077",
          "CSAFPID-912078",
          "CSAFPID-912079",
          "CSAFPID-912080",
          "CSAFPID-912085",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-1503582",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-5678",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5678.json"
        }
      ],
      "title": "CVE-2023-5678"
    },
    {
      "cve": "CVE-2023-5981",
      "cwe": {
        "id": "CWE-203",
        "name": "Observable Discrepancy"
      },
      "notes": [
        {
          "category": "other",
          "text": "Observable Discrepancy",
          "title": "CWE-203"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-912101",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-764240",
          "CSAFPID-912547",
          "CSAFPID-1503582",
          "CSAFPID-912549",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-764242",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-342804",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-764247",
          "CSAFPID-912556",
          "CSAFPID-764735",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-1751217",
          "CSAFPID-1673481"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-5981",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5981.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-912101",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-764240",
            "CSAFPID-912547",
            "CSAFPID-1503582",
            "CSAFPID-912549",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-764242",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-342804",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-764247",
            "CSAFPID-912556",
            "CSAFPID-764735",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-1751217",
            "CSAFPID-1673481"
          ]
        }
      ],
      "title": "CVE-2023-5981"
    },
    {
      "cve": "CVE-2023-6597",
      "cwe": {
        "id": "CWE-61",
        "name": "UNIX Symbolic Link (Symlink) Following"
      },
      "notes": [
        {
          "category": "other",
          "text": "UNIX Symbolic Link (Symlink) Following",
          "title": "CWE-61"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673395",
          "CSAFPID-1673420",
          "CSAFPID-1673421",
          "CSAFPID-1673396",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-912101",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-764240",
          "CSAFPID-912547",
          "CSAFPID-1503582",
          "CSAFPID-912549",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-764242",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-342804",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-764247",
          "CSAFPID-912556",
          "CSAFPID-764735",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-1751097"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-6597",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-6597.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673395",
            "CSAFPID-1673420",
            "CSAFPID-1673421",
            "CSAFPID-1673396",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-912101",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-764240",
            "CSAFPID-912547",
            "CSAFPID-1503582",
            "CSAFPID-912549",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-764242",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-342804",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-764247",
            "CSAFPID-912556",
            "CSAFPID-764735",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-1751097"
          ]
        }
      ],
      "title": "CVE-2023-6597"
    },
    {
      "cve": "CVE-2023-7256",
      "cwe": {
        "id": "CWE-415",
        "name": "Double Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Double Free",
          "title": "CWE-415"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-220132",
          "CSAFPID-1751084",
          "CSAFPID-912079"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-7256",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-7256.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-220132",
            "CSAFPID-1751084",
            "CSAFPID-912079"
          ]
        }
      ],
      "title": "CVE-2023-7256"
    },
    {
      "cve": "CVE-2023-29407",
      "cwe": {
        "id": "CWE-834",
        "name": "Excessive Iteration"
      },
      "notes": [
        {
          "category": "other",
          "text": "Excessive Iteration",
          "title": "CWE-834"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673530"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-29407",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-29407.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673530"
          ]
        }
      ],
      "title": "CVE-2023-29407"
    },
    {
      "cve": "CVE-2023-29408",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673530",
          "CSAFPID-1751377",
          "CSAFPID-1751378",
          "CSAFPID-1751379",
          "CSAFPID-1751380",
          "CSAFPID-1751381",
          "CSAFPID-1751382",
          "CSAFPID-1751383",
          "CSAFPID-1674619",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1751384",
          "CSAFPID-1751385",
          "CSAFPID-1751386"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-29408",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-29408.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673530",
            "CSAFPID-1751377",
            "CSAFPID-1751378",
            "CSAFPID-1751379",
            "CSAFPID-1751380",
            "CSAFPID-1751381",
            "CSAFPID-1751382",
            "CSAFPID-1751383",
            "CSAFPID-1674619",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1751384",
            "CSAFPID-1751385",
            "CSAFPID-1751386"
          ]
        }
      ],
      "title": "CVE-2023-29408"
    },
    {
      "cve": "CVE-2023-40577",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1751208",
          "CSAFPID-1751209"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-40577",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-40577.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1751208",
            "CSAFPID-1751209"
          ]
        }
      ],
      "title": "CVE-2023-40577"
    },
    {
      "cve": "CVE-2023-46218",
      "cwe": {
        "id": "CWE-201",
        "name": "Insertion of Sensitive Information Into Sent Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Insertion of Sensitive Information Into Sent Data",
          "title": "CWE-201"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-90016",
          "CSAFPID-93781",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-219776",
          "CSAFPID-219826",
          "CSAFPID-220132",
          "CSAFPID-224795",
          "CSAFPID-342804",
          "CSAFPID-611387",
          "CSAFPID-611413",
          "CSAFPID-614517",
          "CSAFPID-764237",
          "CSAFPID-764240",
          "CSAFPID-764242",
          "CSAFPID-764247",
          "CSAFPID-764735",
          "CSAFPID-764739",
          "CSAFPID-764826",
          "CSAFPID-765242",
          "CSAFPID-816348",
          "CSAFPID-816773",
          "CSAFPID-816781",
          "CSAFPID-816782",
          "CSAFPID-912068",
          "CSAFPID-912073",
          "CSAFPID-912076",
          "CSAFPID-912077",
          "CSAFPID-912078",
          "CSAFPID-912079",
          "CSAFPID-912080",
          "CSAFPID-912085",
          "CSAFPID-912101",
          "CSAFPID-912102",
          "CSAFPID-912539",
          "CSAFPID-912540",
          "CSAFPID-912541",
          "CSAFPID-912542",
          "CSAFPID-912543",
          "CSAFPID-912544",
          "CSAFPID-912545",
          "CSAFPID-912546",
          "CSAFPID-912547",
          "CSAFPID-912548",
          "CSAFPID-912549",
          "CSAFPID-912550",
          "CSAFPID-912551",
          "CSAFPID-912552",
          "CSAFPID-912553",
          "CSAFPID-912554",
          "CSAFPID-912556",
          "CSAFPID-912557",
          "CSAFPID-912558",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-1503582",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600",
          "CSAFPID-1751211"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-46218",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46218.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-90016",
            "CSAFPID-93781",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-219776",
            "CSAFPID-219826",
            "CSAFPID-220132",
            "CSAFPID-224795",
            "CSAFPID-342804",
            "CSAFPID-611387",
            "CSAFPID-611413",
            "CSAFPID-614517",
            "CSAFPID-764237",
            "CSAFPID-764240",
            "CSAFPID-764242",
            "CSAFPID-764247",
            "CSAFPID-764735",
            "CSAFPID-764739",
            "CSAFPID-764826",
            "CSAFPID-765242",
            "CSAFPID-816348",
            "CSAFPID-816773",
            "CSAFPID-816781",
            "CSAFPID-816782",
            "CSAFPID-912068",
            "CSAFPID-912073",
            "CSAFPID-912076",
            "CSAFPID-912077",
            "CSAFPID-912078",
            "CSAFPID-912079",
            "CSAFPID-912080",
            "CSAFPID-912085",
            "CSAFPID-912101",
            "CSAFPID-912102",
            "CSAFPID-912539",
            "CSAFPID-912540",
            "CSAFPID-912541",
            "CSAFPID-912542",
            "CSAFPID-912543",
            "CSAFPID-912544",
            "CSAFPID-912545",
            "CSAFPID-912546",
            "CSAFPID-912547",
            "CSAFPID-912548",
            "CSAFPID-912549",
            "CSAFPID-912550",
            "CSAFPID-912551",
            "CSAFPID-912552",
            "CSAFPID-912553",
            "CSAFPID-912554",
            "CSAFPID-912556",
            "CSAFPID-912557",
            "CSAFPID-912558",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-1503582",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600",
            "CSAFPID-1751211"
          ]
        }
      ],
      "title": "CVE-2023-46218"
    },
    {
      "cve": "CVE-2023-46219",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Encryption of Sensitive Data",
          "title": "CWE-311"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-912068",
          "CSAFPID-912076",
          "CSAFPID-611387",
          "CSAFPID-912539",
          "CSAFPID-816773",
          "CSAFPID-912540",
          "CSAFPID-912541",
          "CSAFPID-912542",
          "CSAFPID-912543",
          "CSAFPID-912101",
          "CSAFPID-912544",
          "CSAFPID-912077",
          "CSAFPID-816348",
          "CSAFPID-912545",
          "CSAFPID-764240",
          "CSAFPID-912546",
          "CSAFPID-614517",
          "CSAFPID-912547",
          "CSAFPID-224795",
          "CSAFPID-912548",
          "CSAFPID-912102",
          "CSAFPID-912549",
          "CSAFPID-764826",
          "CSAFPID-90016",
          "CSAFPID-912078",
          "CSAFPID-912550",
          "CSAFPID-912551",
          "CSAFPID-912552",
          "CSAFPID-611413",
          "CSAFPID-764242",
          "CSAFPID-816781",
          "CSAFPID-816782",
          "CSAFPID-912553",
          "CSAFPID-93781",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-219776",
          "CSAFPID-219826",
          "CSAFPID-220132",
          "CSAFPID-342804",
          "CSAFPID-764247",
          "CSAFPID-764735",
          "CSAFPID-764739",
          "CSAFPID-765242",
          "CSAFPID-912073",
          "CSAFPID-912079",
          "CSAFPID-912080",
          "CSAFPID-912554",
          "CSAFPID-912556",
          "CSAFPID-912557",
          "CSAFPID-912558",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-1503582",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600",
          "CSAFPID-1751211"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-46219",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46219.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-912068",
            "CSAFPID-912076",
            "CSAFPID-611387",
            "CSAFPID-912539",
            "CSAFPID-816773",
            "CSAFPID-912540",
            "CSAFPID-912541",
            "CSAFPID-912542",
            "CSAFPID-912543",
            "CSAFPID-912101",
            "CSAFPID-912544",
            "CSAFPID-912077",
            "CSAFPID-816348",
            "CSAFPID-912545",
            "CSAFPID-764240",
            "CSAFPID-912546",
            "CSAFPID-614517",
            "CSAFPID-912547",
            "CSAFPID-224795",
            "CSAFPID-912548",
            "CSAFPID-912102",
            "CSAFPID-912549",
            "CSAFPID-764826",
            "CSAFPID-90016",
            "CSAFPID-912078",
            "CSAFPID-912550",
            "CSAFPID-912551",
            "CSAFPID-912552",
            "CSAFPID-611413",
            "CSAFPID-764242",
            "CSAFPID-816781",
            "CSAFPID-816782",
            "CSAFPID-912553",
            "CSAFPID-93781",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-219776",
            "CSAFPID-219826",
            "CSAFPID-220132",
            "CSAFPID-342804",
            "CSAFPID-764247",
            "CSAFPID-764735",
            "CSAFPID-764739",
            "CSAFPID-765242",
            "CSAFPID-912073",
            "CSAFPID-912079",
            "CSAFPID-912080",
            "CSAFPID-912554",
            "CSAFPID-912556",
            "CSAFPID-912557",
            "CSAFPID-912558",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-1503582",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600",
            "CSAFPID-1751211"
          ]
        }
      ],
      "title": "CVE-2023-46219"
    },
    {
      "cve": "CVE-2023-46604",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-94291",
          "CSAFPID-40293",
          "CSAFPID-1265",
          "CSAFPID-1261",
          "CSAFPID-1266",
          "CSAFPID-8984",
          "CSAFPID-764237",
          "CSAFPID-764240",
          "CSAFPID-224795",
          "CSAFPID-764826",
          "CSAFPID-90016",
          "CSAFPID-93781",
          "CSAFPID-220132",
          "CSAFPID-219776",
          "CSAFPID-765242",
          "CSAFPID-764739",
          "CSAFPID-219826",
          "CSAFPID-204510",
          "CSAFPID-204563",
          "CSAFPID-204569",
          "CSAFPID-204622",
          "CSAFPID-219803",
          "CSAFPID-219838",
          "CSAFPID-219909",
          "CSAFPID-221118",
          "CSAFPID-224790",
          "CSAFPID-224793",
          "CSAFPID-240600",
          "CSAFPID-342793",
          "CSAFPID-342803",
          "CSAFPID-342804",
          "CSAFPID-611387",
          "CSAFPID-611413",
          "CSAFPID-611595",
          "CSAFPID-614517",
          "CSAFPID-764242",
          "CSAFPID-764247",
          "CSAFPID-764735",
          "CSAFPID-764738",
          "CSAFPID-816346",
          "CSAFPID-816347",
          "CSAFPID-816348",
          "CSAFPID-816349",
          "CSAFPID-816350",
          "CSAFPID-816351",
          "CSAFPID-816352",
          "CSAFPID-816353",
          "CSAFPID-816354",
          "CSAFPID-816355",
          "CSAFPID-816357",
          "CSAFPID-816358",
          "CSAFPID-816359",
          "CSAFPID-816765",
          "CSAFPID-816766",
          "CSAFPID-816767",
          "CSAFPID-816768",
          "CSAFPID-816769",
          "CSAFPID-816770",
          "CSAFPID-816771",
          "CSAFPID-816772",
          "CSAFPID-816773",
          "CSAFPID-816774",
          "CSAFPID-816775",
          "CSAFPID-816776",
          "CSAFPID-816777",
          "CSAFPID-816778",
          "CSAFPID-816779",
          "CSAFPID-816780",
          "CSAFPID-816781",
          "CSAFPID-816782",
          "CSAFPID-816783",
          "CSAFPID-816784",
          "CSAFPID-816785",
          "CSAFPID-816786",
          "CSAFPID-816787",
          "CSAFPID-816788",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-816791",
          "CSAFPID-816792",
          "CSAFPID-816793",
          "CSAFPID-816794",
          "CSAFPID-816795",
          "CSAFPID-816796",
          "CSAFPID-816797",
          "CSAFPID-912068",
          "CSAFPID-912073",
          "CSAFPID-912076",
          "CSAFPID-912077",
          "CSAFPID-912078",
          "CSAFPID-912079",
          "CSAFPID-912080",
          "CSAFPID-912085",
          "CSAFPID-912101",
          "CSAFPID-912102",
          "CSAFPID-912539",
          "CSAFPID-912540",
          "CSAFPID-912541",
          "CSAFPID-912542",
          "CSAFPID-912543",
          "CSAFPID-912544",
          "CSAFPID-912545",
          "CSAFPID-912546",
          "CSAFPID-912547",
          "CSAFPID-912548",
          "CSAFPID-912549",
          "CSAFPID-912550",
          "CSAFPID-912551",
          "CSAFPID-912552",
          "CSAFPID-912553",
          "CSAFPID-912554",
          "CSAFPID-912556",
          "CSAFPID-912557",
          "CSAFPID-912558",
          "CSAFPID-1751104"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-46604",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46604.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 10.0,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-94291",
            "CSAFPID-40293",
            "CSAFPID-1265",
            "CSAFPID-1261",
            "CSAFPID-1266",
            "CSAFPID-8984",
            "CSAFPID-764237",
            "CSAFPID-764240",
            "CSAFPID-224795",
            "CSAFPID-764826",
            "CSAFPID-90016",
            "CSAFPID-93781",
            "CSAFPID-220132",
            "CSAFPID-219776",
            "CSAFPID-765242",
            "CSAFPID-764739",
            "CSAFPID-219826",
            "CSAFPID-204510",
            "CSAFPID-204563",
            "CSAFPID-204569",
            "CSAFPID-204622",
            "CSAFPID-219803",
            "CSAFPID-219838",
            "CSAFPID-219909",
            "CSAFPID-221118",
            "CSAFPID-224790",
            "CSAFPID-224793",
            "CSAFPID-240600",
            "CSAFPID-342793",
            "CSAFPID-342803",
            "CSAFPID-342804",
            "CSAFPID-611387",
            "CSAFPID-611413",
            "CSAFPID-611595",
            "CSAFPID-614517",
            "CSAFPID-764242",
            "CSAFPID-764247",
            "CSAFPID-764735",
            "CSAFPID-764738",
            "CSAFPID-816346",
            "CSAFPID-816347",
            "CSAFPID-816348",
            "CSAFPID-816349",
            "CSAFPID-816350",
            "CSAFPID-816351",
            "CSAFPID-816352",
            "CSAFPID-816353",
            "CSAFPID-816354",
            "CSAFPID-816355",
            "CSAFPID-816357",
            "CSAFPID-816358",
            "CSAFPID-816359",
            "CSAFPID-816765",
            "CSAFPID-816766",
            "CSAFPID-816767",
            "CSAFPID-816768",
            "CSAFPID-816769",
            "CSAFPID-816770",
            "CSAFPID-816771",
            "CSAFPID-816772",
            "CSAFPID-816773",
            "CSAFPID-816774",
            "CSAFPID-816775",
            "CSAFPID-816776",
            "CSAFPID-816777",
            "CSAFPID-816778",
            "CSAFPID-816779",
            "CSAFPID-816780",
            "CSAFPID-816781",
            "CSAFPID-816782",
            "CSAFPID-816783",
            "CSAFPID-816784",
            "CSAFPID-816785",
            "CSAFPID-816786",
            "CSAFPID-816787",
            "CSAFPID-816788",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-816791",
            "CSAFPID-816792",
            "CSAFPID-816793",
            "CSAFPID-816794",
            "CSAFPID-816795",
            "CSAFPID-816796",
            "CSAFPID-816797",
            "CSAFPID-912068",
            "CSAFPID-912073",
            "CSAFPID-912076",
            "CSAFPID-912077",
            "CSAFPID-912078",
            "CSAFPID-912079",
            "CSAFPID-912080",
            "CSAFPID-912085",
            "CSAFPID-912101",
            "CSAFPID-912102",
            "CSAFPID-912539",
            "CSAFPID-912540",
            "CSAFPID-912541",
            "CSAFPID-912542",
            "CSAFPID-912543",
            "CSAFPID-912544",
            "CSAFPID-912545",
            "CSAFPID-912546",
            "CSAFPID-912547",
            "CSAFPID-912548",
            "CSAFPID-912549",
            "CSAFPID-912550",
            "CSAFPID-912551",
            "CSAFPID-912552",
            "CSAFPID-912553",
            "CSAFPID-912554",
            "CSAFPID-912556",
            "CSAFPID-912557",
            "CSAFPID-912558",
            "CSAFPID-1751104"
          ]
        }
      ],
      "title": "CVE-2023-46604"
    },
    {
      "cve": "CVE-2023-50868",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-50868",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-50868.json"
        }
      ],
      "title": "CVE-2023-50868"
    },
    {
      "cve": "CVE-2024-0232",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1650777",
          "CSAFPID-1650778",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-912101",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-764240",
          "CSAFPID-912547",
          "CSAFPID-1503582",
          "CSAFPID-912549",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-764242",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-342804",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-764247",
          "CSAFPID-912556",
          "CSAFPID-764735",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-1751218",
          "CSAFPID-1751377",
          "CSAFPID-1751378",
          "CSAFPID-1751379",
          "CSAFPID-1751380",
          "CSAFPID-1751381",
          "CSAFPID-1751382",
          "CSAFPID-1751383",
          "CSAFPID-1674619",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1751384",
          "CSAFPID-1751385",
          "CSAFPID-1751386"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-0232",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0232.json"
        }
      ],
      "title": "CVE-2024-0232"
    },
    {
      "cve": "CVE-2024-0397",
      "product_status": {
        "known_affected": [
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-912101",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-764240",
          "CSAFPID-912547",
          "CSAFPID-1503582",
          "CSAFPID-912549",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-764242",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-342804",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-764247",
          "CSAFPID-912556",
          "CSAFPID-764735",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-1673530"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-0397",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0397.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-912101",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-764240",
            "CSAFPID-912547",
            "CSAFPID-1503582",
            "CSAFPID-912549",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-764242",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-342804",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-764247",
            "CSAFPID-912556",
            "CSAFPID-764735",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-1673530"
          ]
        }
      ],
      "title": "CVE-2024-0397"
    },
    {
      "cve": "CVE-2024-0450",
      "cwe": {
        "id": "CWE-450",
        "name": "Multiple Interpretations of UI Input"
      },
      "notes": [
        {
          "category": "other",
          "text": "Multiple Interpretations of UI Input",
          "title": "CWE-450"
        },
        {
          "category": "other",
          "text": "Asymmetric Resource Consumption (Amplification)",
          "title": "CWE-405"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1635310",
          "CSAFPID-1635311",
          "CSAFPID-1635312",
          "CSAFPID-1635313",
          "CSAFPID-1635314",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635317",
          "CSAFPID-1635318",
          "CSAFPID-1635319",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1635322",
          "CSAFPID-1635323",
          "CSAFPID-1635324",
          "CSAFPID-1635325",
          "CSAFPID-1635326",
          "CSAFPID-1635327",
          "CSAFPID-1635328",
          "CSAFPID-1635329",
          "CSAFPID-1673420",
          "CSAFPID-1673421",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1674636",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-912101",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-764240",
          "CSAFPID-912547",
          "CSAFPID-1503582",
          "CSAFPID-912549",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-764242",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-342804",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-764247",
          "CSAFPID-912556",
          "CSAFPID-764735",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-1727475",
          "CSAFPID-1751097"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-0450",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0450.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1635310",
            "CSAFPID-1635311",
            "CSAFPID-1635312",
            "CSAFPID-1635313",
            "CSAFPID-1635314",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635317",
            "CSAFPID-1635318",
            "CSAFPID-1635319",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1635322",
            "CSAFPID-1635323",
            "CSAFPID-1635324",
            "CSAFPID-1635325",
            "CSAFPID-1635326",
            "CSAFPID-1635327",
            "CSAFPID-1635328",
            "CSAFPID-1635329",
            "CSAFPID-1673420",
            "CSAFPID-1673421",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1674636",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-912101",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-764240",
            "CSAFPID-912547",
            "CSAFPID-1503582",
            "CSAFPID-912549",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-764242",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-342804",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-764247",
            "CSAFPID-912556",
            "CSAFPID-764735",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-1727475",
            "CSAFPID-1751097"
          ]
        }
      ],
      "title": "CVE-2024-0450"
    },
    {
      "cve": "CVE-2024-1442",
      "cwe": {
        "id": "CWE-269",
        "name": "Improper Privilege Management"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Privilege Management",
          "title": "CWE-269"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673530",
          "CSAFPID-1751377",
          "CSAFPID-1751378",
          "CSAFPID-1751379",
          "CSAFPID-1751380",
          "CSAFPID-1751381",
          "CSAFPID-1751382",
          "CSAFPID-1751383",
          "CSAFPID-1674619",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1751384",
          "CSAFPID-1751385",
          "CSAFPID-1751386"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-1442",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-1442.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.0,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673530",
            "CSAFPID-1751377",
            "CSAFPID-1751378",
            "CSAFPID-1751379",
            "CSAFPID-1751380",
            "CSAFPID-1751381",
            "CSAFPID-1751382",
            "CSAFPID-1751383",
            "CSAFPID-1674619",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1751384",
            "CSAFPID-1751385",
            "CSAFPID-1751386"
          ]
        }
      ],
      "title": "CVE-2024-1442"
    },
    {
      "cve": "CVE-2024-2961",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1635310",
          "CSAFPID-1635311",
          "CSAFPID-1635312",
          "CSAFPID-1635313",
          "CSAFPID-1635314",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635317",
          "CSAFPID-1635318",
          "CSAFPID-1635319",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1635322",
          "CSAFPID-1635323",
          "CSAFPID-1635324",
          "CSAFPID-1635325",
          "CSAFPID-1635326",
          "CSAFPID-1635327",
          "CSAFPID-1635328",
          "CSAFPID-1635329",
          "CSAFPID-1672762",
          "CSAFPID-1672764",
          "CSAFPID-1672767",
          "CSAFPID-1673396",
          "CSAFPID-1673395",
          "CSAFPID-1673494",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-912101",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-764240",
          "CSAFPID-912547",
          "CSAFPID-1503582",
          "CSAFPID-912549",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-764242",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-342804",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-764247",
          "CSAFPID-912556",
          "CSAFPID-764735",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-1727475",
          "CSAFPID-1751097",
          "CSAFPID-1751237"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-2961",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2961.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1635310",
            "CSAFPID-1635311",
            "CSAFPID-1635312",
            "CSAFPID-1635313",
            "CSAFPID-1635314",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635317",
            "CSAFPID-1635318",
            "CSAFPID-1635319",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1635322",
            "CSAFPID-1635323",
            "CSAFPID-1635324",
            "CSAFPID-1635325",
            "CSAFPID-1635326",
            "CSAFPID-1635327",
            "CSAFPID-1635328",
            "CSAFPID-1635329",
            "CSAFPID-1672762",
            "CSAFPID-1672764",
            "CSAFPID-1672767",
            "CSAFPID-1673396",
            "CSAFPID-1673395",
            "CSAFPID-1673494",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-912101",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-764240",
            "CSAFPID-912547",
            "CSAFPID-1503582",
            "CSAFPID-912549",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-764242",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-342804",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-764247",
            "CSAFPID-912556",
            "CSAFPID-764735",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-1727475",
            "CSAFPID-1751097",
            "CSAFPID-1751237"
          ]
        }
      ],
      "title": "CVE-2024-2961"
    },
    {
      "cve": "CVE-2024-3596",
      "cwe": {
        "id": "CWE-924",
        "name": "Improper Enforcement of Message Integrity During Transmission in a Communication Channel"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Enforcement of Message Integrity During Transmission in a Communication Channel",
          "title": "CWE-924"
        },
        {
          "category": "other",
          "text": "Use of Weak Hash",
          "title": "CWE-328"
        },
        {
          "category": "other",
          "text": "Authentication Bypass by Capture-replay",
          "title": "CWE-294"
        },
        {
          "category": "other",
          "text": "Use of Password Hash Instead of Password for Authentication",
          "title": "CWE-836"
        },
        {
          "category": "other",
          "text": "Use of a Broken or Risky Cryptographic Algorithm",
          "title": "CWE-327"
        },
        {
          "category": "other",
          "text": "User Interface (UI) Misrepresentation of Critical Information",
          "title": "CWE-451"
        },
        {
          "category": "other",
          "text": "Improper Validation of Integrity Check Value",
          "title": "CWE-354"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1751090",
          "CSAFPID-912079",
          "CSAFPID-220132",
          "CSAFPID-1751253"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-3596",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-3596.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.0,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1751090",
            "CSAFPID-912079",
            "CSAFPID-220132",
            "CSAFPID-1751253"
          ]
        }
      ],
      "title": "CVE-2024-3596"
    },
    {
      "cve": "CVE-2024-4030",
      "cwe": {
        "id": "CWE-276",
        "name": "Incorrect Default Permissions"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incorrect Default Permissions",
          "title": "CWE-276"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673530"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-4030",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4030.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673530"
          ]
        }
      ],
      "title": "CVE-2024-4030"
    },
    {
      "cve": "CVE-2024-4032",
      "cwe": {
        "id": "CWE-440",
        "name": "Expected Behavior Violation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Expected Behavior Violation",
          "title": "CWE-440"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673530"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-4032",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4032.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673530"
          ]
        }
      ],
      "title": "CVE-2024-4032"
    },
    {
      "cve": "CVE-2024-5535",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        },
        {
          "category": "other",
          "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
          "title": "CWE-119"
        },
        {
          "category": "other",
          "text": "Dependency on Vulnerable Third-Party Component",
          "title": "CWE-1395"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1751090",
          "CSAFPID-1751253"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-5535",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5535.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1751090",
            "CSAFPID-1751253"
          ]
        }
      ],
      "title": "CVE-2024-5535"
    },
    {
      "cve": "CVE-2024-6119",
      "cwe": {
        "id": "CWE-843",
        "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
          "title": "CWE-843"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1751209"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-6119",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6119.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1751209"
          ]
        }
      ],
      "title": "CVE-2024-6119"
    },
    {
      "cve": "CVE-2024-6162",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1635310",
          "CSAFPID-1635311",
          "CSAFPID-1635312",
          "CSAFPID-1635313",
          "CSAFPID-1635314",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635317",
          "CSAFPID-1635318",
          "CSAFPID-1635319",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1635322",
          "CSAFPID-1635323",
          "CSAFPID-1635324",
          "CSAFPID-1635325",
          "CSAFPID-1635326",
          "CSAFPID-1635327",
          "CSAFPID-1635328",
          "CSAFPID-1635329",
          "CSAFPID-1650752",
          "CSAFPID-1650751",
          "CSAFPID-1673526",
          "CSAFPID-1673399",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1674636",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-912101",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-764240",
          "CSAFPID-912547",
          "CSAFPID-1503582",
          "CSAFPID-912549",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-764242",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-342804",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-764247",
          "CSAFPID-912556",
          "CSAFPID-764735",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-1727475",
          "CSAFPID-1751303",
          "CSAFPID-1650820",
          "CSAFPID-1751377",
          "CSAFPID-1751378",
          "CSAFPID-1751379",
          "CSAFPID-1751380",
          "CSAFPID-1751381",
          "CSAFPID-1751382",
          "CSAFPID-1751383",
          "CSAFPID-1674619",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1751384",
          "CSAFPID-1751385",
          "CSAFPID-1751386"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-6162",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6162.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1635310",
            "CSAFPID-1635311",
            "CSAFPID-1635312",
            "CSAFPID-1635313",
            "CSAFPID-1635314",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635317",
            "CSAFPID-1635318",
            "CSAFPID-1635319",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1635322",
            "CSAFPID-1635323",
            "CSAFPID-1635324",
            "CSAFPID-1635325",
            "CSAFPID-1635326",
            "CSAFPID-1635327",
            "CSAFPID-1635328",
            "CSAFPID-1635329",
            "CSAFPID-1650752",
            "CSAFPID-1650751",
            "CSAFPID-1673526",
            "CSAFPID-1673399",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1674636",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-912101",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-764240",
            "CSAFPID-912547",
            "CSAFPID-1503582",
            "CSAFPID-912549",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-764242",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-342804",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-764247",
            "CSAFPID-912556",
            "CSAFPID-764735",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-1727475",
            "CSAFPID-1751303",
            "CSAFPID-1650820",
            "CSAFPID-1751377",
            "CSAFPID-1751378",
            "CSAFPID-1751379",
            "CSAFPID-1751380",
            "CSAFPID-1751381",
            "CSAFPID-1751382",
            "CSAFPID-1751383",
            "CSAFPID-1674619",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1751384",
            "CSAFPID-1751385",
            "CSAFPID-1751386"
          ]
        }
      ],
      "title": "CVE-2024-6162"
    },
    {
      "cve": "CVE-2024-6232",
      "cwe": {
        "id": "CWE-1333",
        "name": "Inefficient Regular Expression Complexity"
      },
      "notes": [
        {
          "category": "other",
          "text": "Inefficient Regular Expression Complexity",
          "title": "CWE-1333"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673530"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-6232",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6232.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673530"
          ]
        }
      ],
      "title": "CVE-2024-6232"
    },
    {
      "cve": "CVE-2024-7254",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "other",
          "text": "Uncontrolled Recursion",
          "title": "CWE-674"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-912549",
          "CSAFPID-1672767",
          "CSAFPID-1503585",
          "CSAFPID-1673391",
          "CSAFPID-1673394",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-1751225",
          "CSAFPID-1751233",
          "CSAFPID-1673530",
          "CSAFPID-1751234",
          "CSAFPID-1751377",
          "CSAFPID-1751378",
          "CSAFPID-1751379",
          "CSAFPID-1751380",
          "CSAFPID-1751381",
          "CSAFPID-1751382",
          "CSAFPID-1751383",
          "CSAFPID-1674619",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1751384",
          "CSAFPID-1751385",
          "CSAFPID-1751386"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-7254",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7254.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-912549",
            "CSAFPID-1672767",
            "CSAFPID-1503585",
            "CSAFPID-1673391",
            "CSAFPID-1673394",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-1751225",
            "CSAFPID-1751233",
            "CSAFPID-1673530",
            "CSAFPID-1751234",
            "CSAFPID-1751377",
            "CSAFPID-1751378",
            "CSAFPID-1751379",
            "CSAFPID-1751380",
            "CSAFPID-1751381",
            "CSAFPID-1751382",
            "CSAFPID-1751383",
            "CSAFPID-1674619",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1751384",
            "CSAFPID-1751385",
            "CSAFPID-1751386"
          ]
        }
      ],
      "title": "CVE-2024-7254"
    },
    {
      "cve": "CVE-2024-7592",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673530",
          "CSAFPID-1751377",
          "CSAFPID-1751378",
          "CSAFPID-1751379",
          "CSAFPID-1751380",
          "CSAFPID-1751381",
          "CSAFPID-1751382",
          "CSAFPID-1751383",
          "CSAFPID-1674619",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1751384",
          "CSAFPID-1751385",
          "CSAFPID-1751386"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-7592",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7592.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673530",
            "CSAFPID-1751377",
            "CSAFPID-1751378",
            "CSAFPID-1751379",
            "CSAFPID-1751380",
            "CSAFPID-1751381",
            "CSAFPID-1751382",
            "CSAFPID-1751383",
            "CSAFPID-1674619",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1751384",
            "CSAFPID-1751385",
            "CSAFPID-1751386"
          ]
        }
      ],
      "title": "CVE-2024-7592"
    },
    {
      "cve": "CVE-2024-7885",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        },
        {
          "category": "other",
          "text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
          "title": "CWE-362"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673526",
          "CSAFPID-1673399",
          "CSAFPID-1751080",
          "CSAFPID-1751090",
          "CSAFPID-1751079",
          "CSAFPID-1751225",
          "CSAFPID-1672767",
          "CSAFPID-1751241",
          "CSAFPID-1751081",
          "CSAFPID-1751084",
          "CSAFPID-1673393",
          "CSAFPID-1751085",
          "CSAFPID-1751231"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-7885",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7885.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673526",
            "CSAFPID-1673399",
            "CSAFPID-1751080",
            "CSAFPID-1751090",
            "CSAFPID-1751079",
            "CSAFPID-1751225",
            "CSAFPID-1672767",
            "CSAFPID-1751241",
            "CSAFPID-1751081",
            "CSAFPID-1751084",
            "CSAFPID-1673393",
            "CSAFPID-1751085",
            "CSAFPID-1751231"
          ]
        }
      ],
      "title": "CVE-2024-7885"
    },
    {
      "cve": "CVE-2024-8006",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-220132",
          "CSAFPID-1751084",
          "CSAFPID-912079"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-8006",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-8006.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-220132",
            "CSAFPID-1751084",
            "CSAFPID-912079"
          ]
        }
      ],
      "title": "CVE-2024-8006"
    },
    {
      "cve": "CVE-2024-9143",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1751253"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-9143",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-9143.json"
        }
      ],
      "title": "CVE-2024-9143"
    },
    {
      "cve": "CVE-2024-22195",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-764237",
          "CSAFPID-912068",
          "CSAFPID-912076",
          "CSAFPID-611387",
          "CSAFPID-816773",
          "CSAFPID-912077",
          "CSAFPID-816348",
          "CSAFPID-764240",
          "CSAFPID-614517",
          "CSAFPID-224795",
          "CSAFPID-764826",
          "CSAFPID-90016",
          "CSAFPID-912078",
          "CSAFPID-611413",
          "CSAFPID-764242",
          "CSAFPID-816781",
          "CSAFPID-816782",
          "CSAFPID-93781",
          "CSAFPID-220132",
          "CSAFPID-342804",
          "CSAFPID-764247",
          "CSAFPID-764735",
          "CSAFPID-219776",
          "CSAFPID-765242",
          "CSAFPID-764739",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-219826",
          "CSAFPID-912073",
          "CSAFPID-912079",
          "CSAFPID-912080",
          "CSAFPID-912085",
          "CSAFPID-912101",
          "CSAFPID-912102",
          "CSAFPID-912539",
          "CSAFPID-912540",
          "CSAFPID-912541",
          "CSAFPID-912542",
          "CSAFPID-912543",
          "CSAFPID-912544",
          "CSAFPID-912545",
          "CSAFPID-912546",
          "CSAFPID-912547",
          "CSAFPID-912548",
          "CSAFPID-912549",
          "CSAFPID-912550",
          "CSAFPID-912551",
          "CSAFPID-912552",
          "CSAFPID-912553",
          "CSAFPID-912554",
          "CSAFPID-912556",
          "CSAFPID-912557",
          "CSAFPID-912558",
          "CSAFPID-1751225",
          "CSAFPID-1751079",
          "CSAFPID-1751081",
          "CSAFPID-1673393",
          "CSAFPID-1751085"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-22195",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22195.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-764237",
            "CSAFPID-912068",
            "CSAFPID-912076",
            "CSAFPID-611387",
            "CSAFPID-816773",
            "CSAFPID-912077",
            "CSAFPID-816348",
            "CSAFPID-764240",
            "CSAFPID-614517",
            "CSAFPID-224795",
            "CSAFPID-764826",
            "CSAFPID-90016",
            "CSAFPID-912078",
            "CSAFPID-611413",
            "CSAFPID-764242",
            "CSAFPID-816781",
            "CSAFPID-816782",
            "CSAFPID-93781",
            "CSAFPID-220132",
            "CSAFPID-342804",
            "CSAFPID-764247",
            "CSAFPID-764735",
            "CSAFPID-219776",
            "CSAFPID-765242",
            "CSAFPID-764739",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-219826",
            "CSAFPID-912073",
            "CSAFPID-912079",
            "CSAFPID-912080",
            "CSAFPID-912085",
            "CSAFPID-912101",
            "CSAFPID-912102",
            "CSAFPID-912539",
            "CSAFPID-912540",
            "CSAFPID-912541",
            "CSAFPID-912542",
            "CSAFPID-912543",
            "CSAFPID-912544",
            "CSAFPID-912545",
            "CSAFPID-912546",
            "CSAFPID-912547",
            "CSAFPID-912548",
            "CSAFPID-912549",
            "CSAFPID-912550",
            "CSAFPID-912551",
            "CSAFPID-912552",
            "CSAFPID-912553",
            "CSAFPID-912554",
            "CSAFPID-912556",
            "CSAFPID-912557",
            "CSAFPID-912558",
            "CSAFPID-1751225",
            "CSAFPID-1751079",
            "CSAFPID-1751081",
            "CSAFPID-1673393",
            "CSAFPID-1751085"
          ]
        }
      ],
      "title": "CVE-2024-22195"
    },
    {
      "cve": "CVE-2024-24786",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
          "title": "CWE-835"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673530",
          "CSAFPID-1751377",
          "CSAFPID-1751378",
          "CSAFPID-1751379",
          "CSAFPID-1751380",
          "CSAFPID-1751381",
          "CSAFPID-1751382",
          "CSAFPID-1751383",
          "CSAFPID-1674619",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1751384",
          "CSAFPID-1751385",
          "CSAFPID-1751386"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-24786",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24786.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673530",
            "CSAFPID-1751377",
            "CSAFPID-1751378",
            "CSAFPID-1751379",
            "CSAFPID-1751380",
            "CSAFPID-1751381",
            "CSAFPID-1751382",
            "CSAFPID-1751383",
            "CSAFPID-1674619",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1751384",
            "CSAFPID-1751385",
            "CSAFPID-1751386"
          ]
        }
      ],
      "title": "CVE-2024-24786"
    },
    {
      "cve": "CVE-2024-24791",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1751208",
          "CSAFPID-1751209"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-24791",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24791.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1751208",
            "CSAFPID-1751209"
          ]
        }
      ],
      "title": "CVE-2024-24791"
    },
    {
      "cve": "CVE-2024-25638",
      "cwe": {
        "id": "CWE-345",
        "name": "Insufficient Verification of Data Authenticity"
      },
      "notes": [
        {
          "category": "other",
          "text": "Insufficient Verification of Data Authenticity",
          "title": "CWE-345"
        },
        {
          "category": "other",
          "text": "Acceptance of Extraneous Untrusted Data With Trusted Data",
          "title": "CWE-349"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-912549",
          "CSAFPID-1672767",
          "CSAFPID-1503585",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-1751225",
          "CSAFPID-1751079",
          "CSAFPID-1751229",
          "CSAFPID-1751230",
          "CSAFPID-1751081",
          "CSAFPID-1751084",
          "CSAFPID-1673393",
          "CSAFPID-1751085",
          "CSAFPID-1751231"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-25638",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25638.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.9,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-912549",
            "CSAFPID-1672767",
            "CSAFPID-1503585",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-1751225",
            "CSAFPID-1751079",
            "CSAFPID-1751229",
            "CSAFPID-1751230",
            "CSAFPID-1751081",
            "CSAFPID-1751084",
            "CSAFPID-1673393",
            "CSAFPID-1751085",
            "CSAFPID-1751231"
          ]
        }
      ],
      "title": "CVE-2024-25638"
    },
    {
      "cve": "CVE-2024-25710",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
          "title": "CWE-835"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1635310",
          "CSAFPID-1635311",
          "CSAFPID-1635312",
          "CSAFPID-1635313",
          "CSAFPID-1635314",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635317",
          "CSAFPID-1635318",
          "CSAFPID-1635319",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1635322",
          "CSAFPID-1635323",
          "CSAFPID-1635324",
          "CSAFPID-1635325",
          "CSAFPID-1635326",
          "CSAFPID-1635327",
          "CSAFPID-1635328",
          "CSAFPID-1635329",
          "CSAFPID-1673389",
          "CSAFPID-1673390",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-912068",
          "CSAFPID-912076",
          "CSAFPID-611387",
          "CSAFPID-816773",
          "CSAFPID-912101",
          "CSAFPID-912077",
          "CSAFPID-816348",
          "CSAFPID-764240",
          "CSAFPID-614517",
          "CSAFPID-224795",
          "CSAFPID-912102",
          "CSAFPID-764826",
          "CSAFPID-90016",
          "CSAFPID-912078",
          "CSAFPID-611413",
          "CSAFPID-764242",
          "CSAFPID-816781",
          "CSAFPID-816782",
          "CSAFPID-93781",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-342804",
          "CSAFPID-912080",
          "CSAFPID-764247",
          "CSAFPID-764735",
          "CSAFPID-219776",
          "CSAFPID-765242",
          "CSAFPID-764739",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-219826",
          "CSAFPID-912073",
          "CSAFPID-912539",
          "CSAFPID-912540",
          "CSAFPID-912541",
          "CSAFPID-912542",
          "CSAFPID-912543",
          "CSAFPID-912544",
          "CSAFPID-912545",
          "CSAFPID-912546",
          "CSAFPID-912547",
          "CSAFPID-912548",
          "CSAFPID-912549",
          "CSAFPID-912550",
          "CSAFPID-912551",
          "CSAFPID-912552",
          "CSAFPID-912553",
          "CSAFPID-912554",
          "CSAFPID-912556",
          "CSAFPID-912557",
          "CSAFPID-912558",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-1503582",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600",
          "CSAFPID-1727475",
          "CSAFPID-1751218"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-25710",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25710.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1635310",
            "CSAFPID-1635311",
            "CSAFPID-1635312",
            "CSAFPID-1635313",
            "CSAFPID-1635314",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635317",
            "CSAFPID-1635318",
            "CSAFPID-1635319",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1635322",
            "CSAFPID-1635323",
            "CSAFPID-1635324",
            "CSAFPID-1635325",
            "CSAFPID-1635326",
            "CSAFPID-1635327",
            "CSAFPID-1635328",
            "CSAFPID-1635329",
            "CSAFPID-1673389",
            "CSAFPID-1673390",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-912068",
            "CSAFPID-912076",
            "CSAFPID-611387",
            "CSAFPID-816773",
            "CSAFPID-912101",
            "CSAFPID-912077",
            "CSAFPID-816348",
            "CSAFPID-764240",
            "CSAFPID-614517",
            "CSAFPID-224795",
            "CSAFPID-912102",
            "CSAFPID-764826",
            "CSAFPID-90016",
            "CSAFPID-912078",
            "CSAFPID-611413",
            "CSAFPID-764242",
            "CSAFPID-816781",
            "CSAFPID-816782",
            "CSAFPID-93781",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-342804",
            "CSAFPID-912080",
            "CSAFPID-764247",
            "CSAFPID-764735",
            "CSAFPID-219776",
            "CSAFPID-765242",
            "CSAFPID-764739",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-219826",
            "CSAFPID-912073",
            "CSAFPID-912539",
            "CSAFPID-912540",
            "CSAFPID-912541",
            "CSAFPID-912542",
            "CSAFPID-912543",
            "CSAFPID-912544",
            "CSAFPID-912545",
            "CSAFPID-912546",
            "CSAFPID-912547",
            "CSAFPID-912548",
            "CSAFPID-912549",
            "CSAFPID-912550",
            "CSAFPID-912551",
            "CSAFPID-912552",
            "CSAFPID-912553",
            "CSAFPID-912554",
            "CSAFPID-912556",
            "CSAFPID-912557",
            "CSAFPID-912558",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-1503582",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600",
            "CSAFPID-1727475",
            "CSAFPID-1751218"
          ]
        }
      ],
      "title": "CVE-2024-25710"
    },
    {
      "cve": "CVE-2024-26308",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1635310",
          "CSAFPID-1635311",
          "CSAFPID-1635312",
          "CSAFPID-1635313",
          "CSAFPID-1635314",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635317",
          "CSAFPID-1635318",
          "CSAFPID-1635319",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1635322",
          "CSAFPID-1635323",
          "CSAFPID-1635324",
          "CSAFPID-1635325",
          "CSAFPID-1635326",
          "CSAFPID-1635327",
          "CSAFPID-1635328",
          "CSAFPID-1635329",
          "CSAFPID-1673389",
          "CSAFPID-1673390",
          "CSAFPID-1674629",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1674636",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-1670429",
          "CSAFPID-1670430",
          "CSAFPID-1670431",
          "CSAFPID-1670432",
          "CSAFPID-1670433",
          "CSAFPID-1670434",
          "CSAFPID-1670435",
          "CSAFPID-1670436",
          "CSAFPID-1670437",
          "CSAFPID-1670438",
          "CSAFPID-1670439",
          "CSAFPID-1670440",
          "CSAFPID-1670441",
          "CSAFPID-1670442",
          "CSAFPID-90016",
          "CSAFPID-93781",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-219776",
          "CSAFPID-219826",
          "CSAFPID-220132",
          "CSAFPID-224795",
          "CSAFPID-342804",
          "CSAFPID-611387",
          "CSAFPID-611413",
          "CSAFPID-614517",
          "CSAFPID-764237",
          "CSAFPID-764240",
          "CSAFPID-764242",
          "CSAFPID-764247",
          "CSAFPID-764735",
          "CSAFPID-764739",
          "CSAFPID-764826",
          "CSAFPID-765242",
          "CSAFPID-816348",
          "CSAFPID-816773",
          "CSAFPID-816781",
          "CSAFPID-816782",
          "CSAFPID-912068",
          "CSAFPID-912073",
          "CSAFPID-912076",
          "CSAFPID-912077",
          "CSAFPID-912078",
          "CSAFPID-912079",
          "CSAFPID-912080",
          "CSAFPID-912085",
          "CSAFPID-912101",
          "CSAFPID-912102",
          "CSAFPID-912539",
          "CSAFPID-912540",
          "CSAFPID-912541",
          "CSAFPID-912542",
          "CSAFPID-912543",
          "CSAFPID-912544",
          "CSAFPID-912545",
          "CSAFPID-912546",
          "CSAFPID-912547",
          "CSAFPID-912548",
          "CSAFPID-912549",
          "CSAFPID-912550",
          "CSAFPID-912551",
          "CSAFPID-912552",
          "CSAFPID-912553",
          "CSAFPID-912554",
          "CSAFPID-912556",
          "CSAFPID-912557",
          "CSAFPID-912558",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-1503582",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600",
          "CSAFPID-1727475",
          "CSAFPID-1751218",
          "CSAFPID-1751377",
          "CSAFPID-1751378",
          "CSAFPID-1751379",
          "CSAFPID-1751380",
          "CSAFPID-1751381",
          "CSAFPID-1751382",
          "CSAFPID-1751383",
          "CSAFPID-1674619",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1751384",
          "CSAFPID-1751385",
          "CSAFPID-1751386"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-26308",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26308.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1635310",
            "CSAFPID-1635311",
            "CSAFPID-1635312",
            "CSAFPID-1635313",
            "CSAFPID-1635314",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635317",
            "CSAFPID-1635318",
            "CSAFPID-1635319",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1635322",
            "CSAFPID-1635323",
            "CSAFPID-1635324",
            "CSAFPID-1635325",
            "CSAFPID-1635326",
            "CSAFPID-1635327",
            "CSAFPID-1635328",
            "CSAFPID-1635329",
            "CSAFPID-1673389",
            "CSAFPID-1673390",
            "CSAFPID-1674629",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1674636",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-1670429",
            "CSAFPID-1670430",
            "CSAFPID-1670431",
            "CSAFPID-1670432",
            "CSAFPID-1670433",
            "CSAFPID-1670434",
            "CSAFPID-1670435",
            "CSAFPID-1670436",
            "CSAFPID-1670437",
            "CSAFPID-1670438",
            "CSAFPID-1670439",
            "CSAFPID-1670440",
            "CSAFPID-1670441",
            "CSAFPID-1670442",
            "CSAFPID-90016",
            "CSAFPID-93781",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-219776",
            "CSAFPID-219826",
            "CSAFPID-220132",
            "CSAFPID-224795",
            "CSAFPID-342804",
            "CSAFPID-611387",
            "CSAFPID-611413",
            "CSAFPID-614517",
            "CSAFPID-764237",
            "CSAFPID-764240",
            "CSAFPID-764242",
            "CSAFPID-764247",
            "CSAFPID-764735",
            "CSAFPID-764739",
            "CSAFPID-764826",
            "CSAFPID-765242",
            "CSAFPID-816348",
            "CSAFPID-816773",
            "CSAFPID-816781",
            "CSAFPID-816782",
            "CSAFPID-912068",
            "CSAFPID-912073",
            "CSAFPID-912076",
            "CSAFPID-912077",
            "CSAFPID-912078",
            "CSAFPID-912079",
            "CSAFPID-912080",
            "CSAFPID-912085",
            "CSAFPID-912101",
            "CSAFPID-912102",
            "CSAFPID-912539",
            "CSAFPID-912540",
            "CSAFPID-912541",
            "CSAFPID-912542",
            "CSAFPID-912543",
            "CSAFPID-912544",
            "CSAFPID-912545",
            "CSAFPID-912546",
            "CSAFPID-912547",
            "CSAFPID-912548",
            "CSAFPID-912549",
            "CSAFPID-912550",
            "CSAFPID-912551",
            "CSAFPID-912552",
            "CSAFPID-912553",
            "CSAFPID-912554",
            "CSAFPID-912556",
            "CSAFPID-912557",
            "CSAFPID-912558",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-1503582",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600",
            "CSAFPID-1727475",
            "CSAFPID-1751218",
            "CSAFPID-1751377",
            "CSAFPID-1751378",
            "CSAFPID-1751379",
            "CSAFPID-1751380",
            "CSAFPID-1751381",
            "CSAFPID-1751382",
            "CSAFPID-1751383",
            "CSAFPID-1674619",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1751384",
            "CSAFPID-1751385",
            "CSAFPID-1751386"
          ]
        }
      ],
      "title": "CVE-2024-26308"
    },
    {
      "cve": "CVE-2024-27309",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Access Control",
          "title": "CWE-284"
        },
        {
          "category": "other",
          "text": "Incorrect Authorization",
          "title": "CWE-863"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1751233",
          "CSAFPID-1751234",
          "CSAFPID-1751377",
          "CSAFPID-1751378",
          "CSAFPID-1751379",
          "CSAFPID-1751380",
          "CSAFPID-1751381",
          "CSAFPID-1751382",
          "CSAFPID-1751383",
          "CSAFPID-1674619",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1751384",
          "CSAFPID-1751385",
          "CSAFPID-1751386"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-27309",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27309.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1751233",
            "CSAFPID-1751234",
            "CSAFPID-1751377",
            "CSAFPID-1751378",
            "CSAFPID-1751379",
            "CSAFPID-1751380",
            "CSAFPID-1751381",
            "CSAFPID-1751382",
            "CSAFPID-1751383",
            "CSAFPID-1674619",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1751384",
            "CSAFPID-1751385",
            "CSAFPID-1751386"
          ]
        }
      ],
      "title": "CVE-2024-27309"
    },
    {
      "cve": "CVE-2024-28219",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
          "title": "CWE-120"
        },
        {
          "category": "other",
          "text": "Use of Potentially Dangerous Function",
          "title": "CWE-676"
        },
        {
          "category": "other",
          "text": "Integer Overflow to Buffer Overflow",
          "title": "CWE-680"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1751079",
          "CSAFPID-1751225",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-1751085",
          "CSAFPID-912547"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-28219",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28219.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1751079",
            "CSAFPID-1751225",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-1751085",
            "CSAFPID-912547"
          ]
        }
      ],
      "title": "CVE-2024-28219"
    },
    {
      "cve": "CVE-2024-28834",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        },
        {
          "category": "other",
          "text": "Use of a Broken or Risky Cryptographic Algorithm",
          "title": "CWE-327"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673481",
          "CSAFPID-1751217",
          "CSAFPID-1503590"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-28834",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28834.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673481",
            "CSAFPID-1751217",
            "CSAFPID-1503590"
          ]
        }
      ],
      "title": "CVE-2024-28834"
    },
    {
      "cve": "CVE-2024-28835",
      "cwe": {
        "id": "CWE-248",
        "name": "Uncaught Exception"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncaught Exception",
          "title": "CWE-248"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673481",
          "CSAFPID-1751217",
          "CSAFPID-1503590"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-28835",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28835.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673481",
            "CSAFPID-1751217",
            "CSAFPID-1503590"
          ]
        }
      ],
      "title": "CVE-2024-28835"
    },
    {
      "cve": "CVE-2024-28849",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1635310",
          "CSAFPID-1635311",
          "CSAFPID-1635312",
          "CSAFPID-1635313",
          "CSAFPID-1635314",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635317",
          "CSAFPID-1635318",
          "CSAFPID-1635319",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1635322",
          "CSAFPID-1635323",
          "CSAFPID-1635324",
          "CSAFPID-1635325",
          "CSAFPID-1635326",
          "CSAFPID-1635327",
          "CSAFPID-1635328",
          "CSAFPID-1635329",
          "CSAFPID-1673414",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1674636",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-912101",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-764240",
          "CSAFPID-912547",
          "CSAFPID-1503582",
          "CSAFPID-912549",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-764242",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-342804",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-764247",
          "CSAFPID-912556",
          "CSAFPID-764735",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-1727475",
          "CSAFPID-1751235",
          "CSAFPID-1751377",
          "CSAFPID-1751378",
          "CSAFPID-1751379",
          "CSAFPID-1751380",
          "CSAFPID-1751381",
          "CSAFPID-1751382",
          "CSAFPID-1751383",
          "CSAFPID-1674619",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1751384",
          "CSAFPID-1751385",
          "CSAFPID-1751386"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-28849",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28849.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1635310",
            "CSAFPID-1635311",
            "CSAFPID-1635312",
            "CSAFPID-1635313",
            "CSAFPID-1635314",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635317",
            "CSAFPID-1635318",
            "CSAFPID-1635319",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1635322",
            "CSAFPID-1635323",
            "CSAFPID-1635324",
            "CSAFPID-1635325",
            "CSAFPID-1635326",
            "CSAFPID-1635327",
            "CSAFPID-1635328",
            "CSAFPID-1635329",
            "CSAFPID-1673414",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1674636",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-912101",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-764240",
            "CSAFPID-912547",
            "CSAFPID-1503582",
            "CSAFPID-912549",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-764242",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-342804",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-764247",
            "CSAFPID-912556",
            "CSAFPID-764735",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-1727475",
            "CSAFPID-1751235",
            "CSAFPID-1751377",
            "CSAFPID-1751378",
            "CSAFPID-1751379",
            "CSAFPID-1751380",
            "CSAFPID-1751381",
            "CSAFPID-1751382",
            "CSAFPID-1751383",
            "CSAFPID-1674619",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1751384",
            "CSAFPID-1751385",
            "CSAFPID-1751386"
          ]
        }
      ],
      "title": "CVE-2024-28849"
    },
    {
      "cve": "CVE-2024-29025",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1635310",
          "CSAFPID-1635311",
          "CSAFPID-1635312",
          "CSAFPID-1635313",
          "CSAFPID-1635314",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635317",
          "CSAFPID-1635318",
          "CSAFPID-1635319",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1635322",
          "CSAFPID-1635323",
          "CSAFPID-1635324",
          "CSAFPID-1635325",
          "CSAFPID-1635326",
          "CSAFPID-1635327",
          "CSAFPID-1635328",
          "CSAFPID-1635329",
          "CSAFPID-1650752",
          "CSAFPID-1650751",
          "CSAFPID-1673494",
          "CSAFPID-1673420",
          "CSAFPID-1673421",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1674636",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-912101",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-764240",
          "CSAFPID-912547",
          "CSAFPID-1503582",
          "CSAFPID-912549",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-764242",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-342804",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-764247",
          "CSAFPID-912556",
          "CSAFPID-764735",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-1727475",
          "CSAFPID-1751233",
          "CSAFPID-1751218",
          "CSAFPID-1751234",
          "CSAFPID-1751377",
          "CSAFPID-1751378",
          "CSAFPID-1751379",
          "CSAFPID-1751380",
          "CSAFPID-1751381",
          "CSAFPID-1751382",
          "CSAFPID-1751383",
          "CSAFPID-1674619",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1751384",
          "CSAFPID-1751385",
          "CSAFPID-1751386"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-29025",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29025.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1635310",
            "CSAFPID-1635311",
            "CSAFPID-1635312",
            "CSAFPID-1635313",
            "CSAFPID-1635314",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635317",
            "CSAFPID-1635318",
            "CSAFPID-1635319",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1635322",
            "CSAFPID-1635323",
            "CSAFPID-1635324",
            "CSAFPID-1635325",
            "CSAFPID-1635326",
            "CSAFPID-1635327",
            "CSAFPID-1635328",
            "CSAFPID-1635329",
            "CSAFPID-1650752",
            "CSAFPID-1650751",
            "CSAFPID-1673494",
            "CSAFPID-1673420",
            "CSAFPID-1673421",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1674636",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-912101",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-764240",
            "CSAFPID-912547",
            "CSAFPID-1503582",
            "CSAFPID-912549",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-764242",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-342804",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-764247",
            "CSAFPID-912556",
            "CSAFPID-764735",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-1727475",
            "CSAFPID-1751233",
            "CSAFPID-1751218",
            "CSAFPID-1751234",
            "CSAFPID-1751377",
            "CSAFPID-1751378",
            "CSAFPID-1751379",
            "CSAFPID-1751380",
            "CSAFPID-1751381",
            "CSAFPID-1751382",
            "CSAFPID-1751383",
            "CSAFPID-1674619",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1751384",
            "CSAFPID-1751385",
            "CSAFPID-1751386"
          ]
        }
      ],
      "title": "CVE-2024-29025"
    },
    {
      "cve": "CVE-2024-29131",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1650820",
          "CSAFPID-224790",
          "CSAFPID-221118",
          "CSAFPID-1673496",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-912101",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-764240",
          "CSAFPID-912547",
          "CSAFPID-1503582",
          "CSAFPID-912549",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-764242",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-342804",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-764247",
          "CSAFPID-912556",
          "CSAFPID-764735",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-1673530"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-29131",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29131.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1650820",
            "CSAFPID-224790",
            "CSAFPID-221118",
            "CSAFPID-1673496",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-912101",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-764240",
            "CSAFPID-912547",
            "CSAFPID-1503582",
            "CSAFPID-912549",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-764242",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-342804",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-764247",
            "CSAFPID-912556",
            "CSAFPID-764735",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-1673530"
          ]
        }
      ],
      "title": "CVE-2024-29131"
    },
    {
      "cve": "CVE-2024-29133",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1650820",
          "CSAFPID-224790",
          "CSAFPID-221118",
          "CSAFPID-1673496",
          "CSAFPID-1674617",
          "CSAFPID-1674618",
          "CSAFPID-1674619",
          "CSAFPID-1674620",
          "CSAFPID-1674621",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1674624",
          "CSAFPID-1674625",
          "CSAFPID-1674626",
          "CSAFPID-1674627",
          "CSAFPID-1674628",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-912101",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-764240",
          "CSAFPID-912547",
          "CSAFPID-1503582",
          "CSAFPID-912549",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-764242",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-342804",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-764247",
          "CSAFPID-912556",
          "CSAFPID-764735",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-1673530",
          "CSAFPID-1751377",
          "CSAFPID-1751378",
          "CSAFPID-1751379",
          "CSAFPID-1751380",
          "CSAFPID-1751381",
          "CSAFPID-1751382",
          "CSAFPID-1751383",
          "CSAFPID-1751384",
          "CSAFPID-1751385",
          "CSAFPID-1751386"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-29133",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29133.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1650820",
            "CSAFPID-224790",
            "CSAFPID-221118",
            "CSAFPID-1673496",
            "CSAFPID-1674617",
            "CSAFPID-1674618",
            "CSAFPID-1674619",
            "CSAFPID-1674620",
            "CSAFPID-1674621",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1674624",
            "CSAFPID-1674625",
            "CSAFPID-1674626",
            "CSAFPID-1674627",
            "CSAFPID-1674628",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-912101",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-764240",
            "CSAFPID-912547",
            "CSAFPID-1503582",
            "CSAFPID-912549",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-764242",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-342804",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-764247",
            "CSAFPID-912556",
            "CSAFPID-764735",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-1673530",
            "CSAFPID-1751377",
            "CSAFPID-1751378",
            "CSAFPID-1751379",
            "CSAFPID-1751380",
            "CSAFPID-1751381",
            "CSAFPID-1751382",
            "CSAFPID-1751383",
            "CSAFPID-1751384",
            "CSAFPID-1751385",
            "CSAFPID-1751386"
          ]
        }
      ],
      "title": "CVE-2024-29133"
    },
    {
      "cve": "CVE-2024-33599",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
          "title": "CWE-119"
        },
        {
          "category": "other",
          "text": "Stack-based Buffer Overflow",
          "title": "CWE-121"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-912549",
          "CSAFPID-1673396",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-1672762",
          "CSAFPID-1673395",
          "CSAFPID-1672764",
          "CSAFPID-1672767",
          "CSAFPID-1503585",
          "CSAFPID-1673494",
          "CSAFPID-1751237"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-33599",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-33599.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-912549",
            "CSAFPID-1673396",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-1672762",
            "CSAFPID-1673395",
            "CSAFPID-1672764",
            "CSAFPID-1672767",
            "CSAFPID-1503585",
            "CSAFPID-1673494",
            "CSAFPID-1751237"
          ]
        }
      ],
      "title": "CVE-2024-33599"
    },
    {
      "cve": "CVE-2024-33600",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-912549",
          "CSAFPID-1673396",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-1672762",
          "CSAFPID-1673395",
          "CSAFPID-1672764",
          "CSAFPID-1672767",
          "CSAFPID-1503585",
          "CSAFPID-1673494",
          "CSAFPID-1751237"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-33600",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-33600.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-912549",
            "CSAFPID-1673396",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-1672762",
            "CSAFPID-1673395",
            "CSAFPID-1672764",
            "CSAFPID-1672767",
            "CSAFPID-1503585",
            "CSAFPID-1673494",
            "CSAFPID-1751237"
          ]
        }
      ],
      "title": "CVE-2024-33600"
    },
    {
      "cve": "CVE-2024-33601",
      "cwe": {
        "id": "CWE-703",
        "name": "Improper Check or Handling of Exceptional Conditions"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Check or Handling of Exceptional Conditions",
          "title": "CWE-703"
        },
        {
          "category": "other",
          "text": "Reachable Assertion",
          "title": "CWE-617"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-912549",
          "CSAFPID-1673396",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-1672762",
          "CSAFPID-1673395",
          "CSAFPID-1672764",
          "CSAFPID-1672767",
          "CSAFPID-1503585",
          "CSAFPID-1673494",
          "CSAFPID-1751237"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-33601",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-33601.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-912549",
            "CSAFPID-1673396",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-1672762",
            "CSAFPID-1673395",
            "CSAFPID-1672764",
            "CSAFPID-1672767",
            "CSAFPID-1503585",
            "CSAFPID-1673494",
            "CSAFPID-1751237"
          ]
        }
      ],
      "title": "CVE-2024-33601"
    },
    {
      "cve": "CVE-2024-33602",
      "cwe": {
        "id": "CWE-466",
        "name": "Return of Pointer Value Outside of Expected Range"
      },
      "notes": [
        {
          "category": "other",
          "text": "Return of Pointer Value Outside of Expected Range",
          "title": "CWE-466"
        },
        {
          "category": "other",
          "text": "Improper Check or Handling of Exceptional Conditions",
          "title": "CWE-703"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-912549",
          "CSAFPID-1673396",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-1672762",
          "CSAFPID-1673395",
          "CSAFPID-1672764",
          "CSAFPID-1672767",
          "CSAFPID-1503585",
          "CSAFPID-1673494",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-1751237"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-33602",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-33602.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-912549",
            "CSAFPID-1673396",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-1672762",
            "CSAFPID-1673395",
            "CSAFPID-1672764",
            "CSAFPID-1672767",
            "CSAFPID-1503585",
            "CSAFPID-1673494",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-1751237"
          ]
        }
      ],
      "title": "CVE-2024-33602"
    },
    {
      "cve": "CVE-2024-34064",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1635310",
          "CSAFPID-1635311",
          "CSAFPID-1635312",
          "CSAFPID-1635313",
          "CSAFPID-1635314",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635317",
          "CSAFPID-1635318",
          "CSAFPID-1635319",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1635322",
          "CSAFPID-1635323",
          "CSAFPID-1635324",
          "CSAFPID-1635325",
          "CSAFPID-1635326",
          "CSAFPID-1635327",
          "CSAFPID-1635328",
          "CSAFPID-1635329",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-912101",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-764240",
          "CSAFPID-912547",
          "CSAFPID-1503582",
          "CSAFPID-912549",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-764242",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-342804",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-764247",
          "CSAFPID-912556",
          "CSAFPID-764735",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-1727475",
          "CSAFPID-1751238",
          "CSAFPID-1751225",
          "CSAFPID-1751079",
          "CSAFPID-1751081",
          "CSAFPID-1673393",
          "CSAFPID-1751239",
          "CSAFPID-1751082",
          "CSAFPID-1751240",
          "CSAFPID-1672767",
          "CSAFPID-1751241",
          "CSAFPID-1673481",
          "CSAFPID-1751085"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-34064",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34064.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1635310",
            "CSAFPID-1635311",
            "CSAFPID-1635312",
            "CSAFPID-1635313",
            "CSAFPID-1635314",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635317",
            "CSAFPID-1635318",
            "CSAFPID-1635319",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1635322",
            "CSAFPID-1635323",
            "CSAFPID-1635324",
            "CSAFPID-1635325",
            "CSAFPID-1635326",
            "CSAFPID-1635327",
            "CSAFPID-1635328",
            "CSAFPID-1635329",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-912101",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-764240",
            "CSAFPID-912547",
            "CSAFPID-1503582",
            "CSAFPID-912549",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-764242",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-342804",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-764247",
            "CSAFPID-912556",
            "CSAFPID-764735",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-1727475",
            "CSAFPID-1751238",
            "CSAFPID-1751225",
            "CSAFPID-1751079",
            "CSAFPID-1751081",
            "CSAFPID-1673393",
            "CSAFPID-1751239",
            "CSAFPID-1751082",
            "CSAFPID-1751240",
            "CSAFPID-1672767",
            "CSAFPID-1751241",
            "CSAFPID-1673481",
            "CSAFPID-1751085"
          ]
        }
      ],
      "title": "CVE-2024-34064"
    },
    {
      "cve": "CVE-2024-34750",
      "cwe": {
        "id": "CWE-755",
        "name": "Improper Handling of Exceptional Conditions"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Handling of Exceptional Conditions",
          "title": "CWE-755"
        },
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673481",
          "CSAFPID-1503596",
          "CSAFPID-1673420",
          "CSAFPID-1673421",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-1751242",
          "CSAFPID-1751243",
          "CSAFPID-1751079",
          "CSAFPID-1751225",
          "CSAFPID-1751085"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-34750",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34750.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673481",
            "CSAFPID-1503596",
            "CSAFPID-1673420",
            "CSAFPID-1673421",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-1751242",
            "CSAFPID-1751243",
            "CSAFPID-1751079",
            "CSAFPID-1751225",
            "CSAFPID-1751085"
          ]
        }
      ],
      "title": "CVE-2024-34750"
    },
    {
      "cve": "CVE-2024-35195",
      "cwe": {
        "id": "CWE-670",
        "name": "Always-Incorrect Control Flow Implementation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Always-Incorrect Control Flow Implementation",
          "title": "CWE-670"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1751246",
          "CSAFPID-1751247",
          "CSAFPID-1751248",
          "CSAFPID-1673530",
          "CSAFPID-1673393",
          "CSAFPID-1751239",
          "CSAFPID-220132",
          "CSAFPID-1751082",
          "CSAFPID-1672767",
          "CSAFPID-1751241",
          "CSAFPID-912079",
          "CSAFPID-916906",
          "CSAFPID-1751377",
          "CSAFPID-1751378",
          "CSAFPID-1751379",
          "CSAFPID-1751380",
          "CSAFPID-1751381",
          "CSAFPID-1751382",
          "CSAFPID-1751383",
          "CSAFPID-1674619",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1751384",
          "CSAFPID-1751385",
          "CSAFPID-1751386"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-35195",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35195.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1751246",
            "CSAFPID-1751247",
            "CSAFPID-1751248",
            "CSAFPID-1673530",
            "CSAFPID-1673393",
            "CSAFPID-1751239",
            "CSAFPID-220132",
            "CSAFPID-1751082",
            "CSAFPID-1672767",
            "CSAFPID-1751241",
            "CSAFPID-912079",
            "CSAFPID-916906",
            "CSAFPID-1751377",
            "CSAFPID-1751378",
            "CSAFPID-1751379",
            "CSAFPID-1751380",
            "CSAFPID-1751381",
            "CSAFPID-1751382",
            "CSAFPID-1751383",
            "CSAFPID-1674619",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1751384",
            "CSAFPID-1751385",
            "CSAFPID-1751386"
          ]
        }
      ],
      "title": "CVE-2024-35195"
    },
    {
      "cve": "CVE-2024-37370",
      "cwe": {
        "id": "CWE-130",
        "name": "Improper Handling of Length Parameter Inconsistency"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Handling of Length Parameter Inconsistency",
          "title": "CWE-130"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-912549",
          "CSAFPID-1673413",
          "CSAFPID-1673414",
          "CSAFPID-1673396",
          "CSAFPID-1503590",
          "CSAFPID-1673393",
          "CSAFPID-1673395",
          "CSAFPID-1673399",
          "CSAFPID-1672767",
          "CSAFPID-1503585",
          "CSAFPID-1673392",
          "CSAFPID-1503589",
          "CSAFPID-1673415",
          "CSAFPID-1673389",
          "CSAFPID-1673390",
          "CSAFPID-1751237",
          "CSAFPID-1751254",
          "CSAFPID-1751217",
          "CSAFPID-1673481",
          "CSAFPID-1751255"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-37370",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37370.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-912549",
            "CSAFPID-1673413",
            "CSAFPID-1673414",
            "CSAFPID-1673396",
            "CSAFPID-1503590",
            "CSAFPID-1673393",
            "CSAFPID-1673395",
            "CSAFPID-1673399",
            "CSAFPID-1672767",
            "CSAFPID-1503585",
            "CSAFPID-1673392",
            "CSAFPID-1503589",
            "CSAFPID-1673415",
            "CSAFPID-1673389",
            "CSAFPID-1673390",
            "CSAFPID-1751237",
            "CSAFPID-1751254",
            "CSAFPID-1751217",
            "CSAFPID-1673481",
            "CSAFPID-1751255"
          ]
        }
      ],
      "title": "CVE-2024-37370"
    },
    {
      "cve": "CVE-2024-37371",
      "cwe": {
        "id": "CWE-130",
        "name": "Improper Handling of Length Parameter Inconsistency"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Handling of Length Parameter Inconsistency",
          "title": "CWE-130"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-912549",
          "CSAFPID-1673413",
          "CSAFPID-1673414",
          "CSAFPID-1673396",
          "CSAFPID-1503590",
          "CSAFPID-1673393",
          "CSAFPID-1673395",
          "CSAFPID-1673399",
          "CSAFPID-1672767",
          "CSAFPID-1503585",
          "CSAFPID-1673392",
          "CSAFPID-1503589",
          "CSAFPID-1673415",
          "CSAFPID-1673389",
          "CSAFPID-1673390",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-1751237",
          "CSAFPID-1751254",
          "CSAFPID-1751217",
          "CSAFPID-1673481",
          "CSAFPID-1751255",
          "CSAFPID-1751377",
          "CSAFPID-1751378",
          "CSAFPID-1751379",
          "CSAFPID-1751380",
          "CSAFPID-1751381",
          "CSAFPID-1751382",
          "CSAFPID-1751383",
          "CSAFPID-1674619",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1751384",
          "CSAFPID-1751385",
          "CSAFPID-1751386"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-37371",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37371.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-912549",
            "CSAFPID-1673413",
            "CSAFPID-1673414",
            "CSAFPID-1673396",
            "CSAFPID-1503590",
            "CSAFPID-1673393",
            "CSAFPID-1673395",
            "CSAFPID-1673399",
            "CSAFPID-1672767",
            "CSAFPID-1503585",
            "CSAFPID-1673392",
            "CSAFPID-1503589",
            "CSAFPID-1673415",
            "CSAFPID-1673389",
            "CSAFPID-1673390",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-1751237",
            "CSAFPID-1751254",
            "CSAFPID-1751217",
            "CSAFPID-1673481",
            "CSAFPID-1751255",
            "CSAFPID-1751377",
            "CSAFPID-1751378",
            "CSAFPID-1751379",
            "CSAFPID-1751380",
            "CSAFPID-1751381",
            "CSAFPID-1751382",
            "CSAFPID-1751383",
            "CSAFPID-1674619",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1751384",
            "CSAFPID-1751385",
            "CSAFPID-1751386"
          ]
        }
      ],
      "title": "CVE-2024-37371"
    },
    {
      "cve": "CVE-2024-37891",
      "cwe": {
        "id": "CWE-669",
        "name": "Incorrect Resource Transfer Between Spheres"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incorrect Resource Transfer Between Spheres",
          "title": "CWE-669"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673395",
          "CSAFPID-1673396",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-1751225",
          "CSAFPID-1751254",
          "CSAFPID-1673530",
          "CSAFPID-1751217",
          "CSAFPID-1751255",
          "CSAFPID-816790",
          "CSAFPID-1751258",
          "CSAFPID-1673481",
          "CSAFPID-1751377",
          "CSAFPID-1751378",
          "CSAFPID-1751379",
          "CSAFPID-1751380",
          "CSAFPID-1751381",
          "CSAFPID-1751382",
          "CSAFPID-1751383",
          "CSAFPID-1674619",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1751384",
          "CSAFPID-1751385",
          "CSAFPID-1751386"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-37891",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37891.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673395",
            "CSAFPID-1673396",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-1751225",
            "CSAFPID-1751254",
            "CSAFPID-1673530",
            "CSAFPID-1751217",
            "CSAFPID-1751255",
            "CSAFPID-816790",
            "CSAFPID-1751258",
            "CSAFPID-1673481",
            "CSAFPID-1751377",
            "CSAFPID-1751378",
            "CSAFPID-1751379",
            "CSAFPID-1751380",
            "CSAFPID-1751381",
            "CSAFPID-1751382",
            "CSAFPID-1751383",
            "CSAFPID-1674619",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1751384",
            "CSAFPID-1751385",
            "CSAFPID-1751386"
          ]
        }
      ],
      "title": "CVE-2024-37891"
    },
    {
      "cve": "CVE-2024-38475",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Access Control",
          "title": "CWE-284"
        },
        {
          "category": "other",
          "text": "Improper Encoding or Escaping of Output",
          "title": "CWE-116"
        },
        {
          "category": "other",
          "text": "Path Traversal: \u0027.../...//\u0027",
          "title": "CWE-35"
        },
        {
          "category": "other",
          "text": "Stack-based Buffer Overflow",
          "title": "CWE-121"
        },
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        },
        {
          "category": "other",
          "text": "Use of Hard-coded Credentials",
          "title": "CWE-798"
        },
        {
          "category": "other",
          "text": "Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)",
          "title": "CWE-338"
        }
      ],
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38475",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38475.json"
        }
      ],
      "title": "CVE-2024-38475"
    },
    {
      "cve": "CVE-2024-38807",
      "cwe": {
        "id": "CWE-347",
        "name": "Improper Verification of Cryptographic Signature"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Verification of Cryptographic Signature",
          "title": "CWE-347"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1751090",
          "CSAFPID-1751233",
          "CSAFPID-1751234",
          "CSAFPID-1751377",
          "CSAFPID-1751378",
          "CSAFPID-1751379",
          "CSAFPID-1751380",
          "CSAFPID-1751381",
          "CSAFPID-1751382",
          "CSAFPID-1751383",
          "CSAFPID-1674619",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1751384",
          "CSAFPID-1751385",
          "CSAFPID-1751386"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38807",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38807.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1751090",
            "CSAFPID-1751233",
            "CSAFPID-1751234",
            "CSAFPID-1751377",
            "CSAFPID-1751378",
            "CSAFPID-1751379",
            "CSAFPID-1751380",
            "CSAFPID-1751381",
            "CSAFPID-1751382",
            "CSAFPID-1751383",
            "CSAFPID-1674619",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1751384",
            "CSAFPID-1751385",
            "CSAFPID-1751386"
          ]
        }
      ],
      "title": "CVE-2024-38807"
    },
    {
      "cve": "CVE-2024-38809",
      "cwe": {
        "id": "CWE-1333",
        "name": "Inefficient Regular Expression Complexity"
      },
      "notes": [
        {
          "category": "other",
          "text": "Inefficient Regular Expression Complexity",
          "title": "CWE-1333"
        },
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673393"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38809",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38809.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-1673393"
          ]
        }
      ],
      "title": "CVE-2024-38809"
    },
    {
      "cve": "CVE-2024-38816",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
          "title": "CWE-22"
        },
        {
          "category": "other",
          "text": "Relative Path Traversal",
          "title": "CWE-23"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673420",
          "CSAFPID-1673421",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-1751081",
          "CSAFPID-1673393",
          "CSAFPID-1751079",
          "CSAFPID-1751080",
          "CSAFPID-1751084",
          "CSAFPID-1751085",
          "CSAFPID-1751082",
          "CSAFPID-1751225"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38816",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38816.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673420",
            "CSAFPID-1673421",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-1751081",
            "CSAFPID-1673393",
            "CSAFPID-1751079",
            "CSAFPID-1751080",
            "CSAFPID-1751084",
            "CSAFPID-1751085",
            "CSAFPID-1751082",
            "CSAFPID-1751225"
          ]
        }
      ],
      "title": "CVE-2024-38816"
    },
    {
      "cve": "CVE-2024-38819",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
          "title": "CWE-22"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673393",
          "CSAFPID-1751079",
          "CSAFPID-1751080",
          "CSAFPID-1751081",
          "CSAFPID-1751082",
          "CSAFPID-1751084",
          "CSAFPID-1751085",
          "CSAFPID-1751225",
          "CSAFPID-1672767",
          "CSAFPID-1751241"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38819",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38819.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673393",
            "CSAFPID-1751079",
            "CSAFPID-1751080",
            "CSAFPID-1751081",
            "CSAFPID-1751082",
            "CSAFPID-1751084",
            "CSAFPID-1751085",
            "CSAFPID-1751225",
            "CSAFPID-1672767",
            "CSAFPID-1751241"
          ]
        }
      ],
      "title": "CVE-2024-38819"
    },
    {
      "cve": "CVE-2024-38820",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Access Control",
          "title": "CWE-284"
        },
        {
          "category": "other",
          "text": "Improper Handling of Case Sensitivity",
          "title": "CWE-178"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1751079",
          "CSAFPID-1751225",
          "CSAFPID-1751081",
          "CSAFPID-1751084",
          "CSAFPID-1673393",
          "CSAFPID-1751080",
          "CSAFPID-1751082",
          "CSAFPID-1751085",
          "CSAFPID-1672767",
          "CSAFPID-1751241"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38820",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38820.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1751079",
            "CSAFPID-1751225",
            "CSAFPID-1751081",
            "CSAFPID-1751084",
            "CSAFPID-1673393",
            "CSAFPID-1751080",
            "CSAFPID-1751082",
            "CSAFPID-1751085",
            "CSAFPID-1672767",
            "CSAFPID-1751241"
          ]
        }
      ],
      "title": "CVE-2024-38820"
    },
    {
      "cve": "CVE-2024-38827",
      "cwe": {
        "id": "CWE-639",
        "name": "Authorization Bypass Through User-Controlled Key"
      },
      "notes": [
        {
          "category": "other",
          "text": "Authorization Bypass Through User-Controlled Key",
          "title": "CWE-639"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1751225",
          "CSAFPID-1751079",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-1673393",
          "CSAFPID-1751085",
          "CSAFPID-1751377",
          "CSAFPID-1751378",
          "CSAFPID-1751379",
          "CSAFPID-1751380",
          "CSAFPID-1751381",
          "CSAFPID-1751382",
          "CSAFPID-1751383",
          "CSAFPID-1674619",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1751384",
          "CSAFPID-1751385",
          "CSAFPID-1751386"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38827",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38827.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1751225",
            "CSAFPID-1751079",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-1673393",
            "CSAFPID-1751085",
            "CSAFPID-1751377",
            "CSAFPID-1751378",
            "CSAFPID-1751379",
            "CSAFPID-1751380",
            "CSAFPID-1751381",
            "CSAFPID-1751382",
            "CSAFPID-1751383",
            "CSAFPID-1674619",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1751384",
            "CSAFPID-1751385",
            "CSAFPID-1751386"
          ]
        }
      ],
      "title": "CVE-2024-38827"
    },
    {
      "cve": "CVE-2024-38998",
      "cwe": {
        "id": "CWE-1321",
        "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
          "title": "CWE-1321"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1751225",
          "CSAFPID-224790",
          "CSAFPID-221118",
          "CSAFPID-912073",
          "CSAFPID-1751254",
          "CSAFPID-1751079",
          "CSAFPID-1751242",
          "CSAFPID-1751234",
          "CSAFPID-1673496",
          "CSAFPID-1751233",
          "CSAFPID-1751255",
          "CSAFPID-1673481",
          "CSAFPID-1751085",
          "CSAFPID-220132",
          "CSAFPID-912079"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38998",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38998.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1751225",
            "CSAFPID-224790",
            "CSAFPID-221118",
            "CSAFPID-912073",
            "CSAFPID-1751254",
            "CSAFPID-1751079",
            "CSAFPID-1751242",
            "CSAFPID-1751234",
            "CSAFPID-1673496",
            "CSAFPID-1751233",
            "CSAFPID-1751255",
            "CSAFPID-1673481",
            "CSAFPID-1751085",
            "CSAFPID-220132",
            "CSAFPID-912079"
          ]
        }
      ],
      "title": "CVE-2024-38998"
    },
    {
      "cve": "CVE-2024-38999",
      "cwe": {
        "id": "CWE-1321",
        "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
          "title": "CWE-1321"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1751225",
          "CSAFPID-224790",
          "CSAFPID-221118",
          "CSAFPID-912073",
          "CSAFPID-1751254",
          "CSAFPID-1751079",
          "CSAFPID-1751242",
          "CSAFPID-1751234",
          "CSAFPID-1673496",
          "CSAFPID-1751233",
          "CSAFPID-1751255",
          "CSAFPID-1673481",
          "CSAFPID-1751085",
          "CSAFPID-220132",
          "CSAFPID-912079"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38999",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38999.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 10.0,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1751225",
            "CSAFPID-224790",
            "CSAFPID-221118",
            "CSAFPID-912073",
            "CSAFPID-1751254",
            "CSAFPID-1751079",
            "CSAFPID-1751242",
            "CSAFPID-1751234",
            "CSAFPID-1673496",
            "CSAFPID-1751233",
            "CSAFPID-1751255",
            "CSAFPID-1673481",
            "CSAFPID-1751085",
            "CSAFPID-220132",
            "CSAFPID-912079"
          ]
        }
      ],
      "title": "CVE-2024-38999"
    },
    {
      "cve": "CVE-2024-41817",
      "cwe": {
        "id": "CWE-427",
        "name": "Uncontrolled Search Path Element"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Search Path Element",
          "title": "CWE-427"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673382",
          "CSAFPID-1650731",
          "CSAFPID-1674617",
          "CSAFPID-1674618",
          "CSAFPID-1674619",
          "CSAFPID-1674620",
          "CSAFPID-1674621",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1674624",
          "CSAFPID-1674625",
          "CSAFPID-1674626",
          "CSAFPID-1674627",
          "CSAFPID-1674628",
          "CSAFPID-220132",
          "CSAFPID-912079"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-41817",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41817.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673382",
            "CSAFPID-1650731",
            "CSAFPID-1674617",
            "CSAFPID-1674618",
            "CSAFPID-1674619",
            "CSAFPID-1674620",
            "CSAFPID-1674621",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1674624",
            "CSAFPID-1674625",
            "CSAFPID-1674626",
            "CSAFPID-1674627",
            "CSAFPID-1674628",
            "CSAFPID-220132",
            "CSAFPID-912079"
          ]
        }
      ],
      "title": "CVE-2024-41817"
    },
    {
      "cve": "CVE-2024-45490",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        },
        {
          "category": "other",
          "text": "Incorrect Calculation of Buffer Size",
          "title": "CWE-131"
        },
        {
          "category": "other",
          "text": "Improper Restriction of XML External Entity Reference",
          "title": "CWE-611"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673382",
          "CSAFPID-1673399",
          "CSAFPID-1650731",
          "CSAFPID-1673517",
          "CSAFPID-1673396",
          "CSAFPID-1673414",
          "CSAFPID-1503590"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45490",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45490.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673382",
            "CSAFPID-1673399",
            "CSAFPID-1650731",
            "CSAFPID-1673517",
            "CSAFPID-1673396",
            "CSAFPID-1673414",
            "CSAFPID-1503590"
          ]
        }
      ],
      "title": "CVE-2024-45490"
    },
    {
      "cve": "CVE-2024-45491",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673382",
          "CSAFPID-1673399",
          "CSAFPID-1650731",
          "CSAFPID-1673517",
          "CSAFPID-1673396",
          "CSAFPID-1673414",
          "CSAFPID-1503590"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45491",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45491.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673382",
            "CSAFPID-1673399",
            "CSAFPID-1650731",
            "CSAFPID-1673517",
            "CSAFPID-1673396",
            "CSAFPID-1673414",
            "CSAFPID-1503590"
          ]
        }
      ],
      "title": "CVE-2024-45491"
    },
    {
      "cve": "CVE-2024-45492",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673382",
          "CSAFPID-1673399",
          "CSAFPID-1650731",
          "CSAFPID-1673517",
          "CSAFPID-1673396",
          "CSAFPID-1674617",
          "CSAFPID-1674618",
          "CSAFPID-1674619",
          "CSAFPID-1674620",
          "CSAFPID-1674621",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1674624",
          "CSAFPID-1674625",
          "CSAFPID-1674626",
          "CSAFPID-1674627",
          "CSAFPID-1674628",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-1673414",
          "CSAFPID-1503590"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45492",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45492.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673382",
            "CSAFPID-1673399",
            "CSAFPID-1650731",
            "CSAFPID-1673517",
            "CSAFPID-1673396",
            "CSAFPID-1674617",
            "CSAFPID-1674618",
            "CSAFPID-1674619",
            "CSAFPID-1674620",
            "CSAFPID-1674621",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1674624",
            "CSAFPID-1674625",
            "CSAFPID-1674626",
            "CSAFPID-1674627",
            "CSAFPID-1674628",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-1673414",
            "CSAFPID-1503590"
          ]
        }
      ],
      "title": "CVE-2024-45492"
    },
    {
      "cve": "CVE-2024-47535",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1751233",
          "CSAFPID-1751234",
          "CSAFPID-1751377",
          "CSAFPID-1751378",
          "CSAFPID-1751379",
          "CSAFPID-1751380",
          "CSAFPID-1751381",
          "CSAFPID-1751382",
          "CSAFPID-1751383",
          "CSAFPID-1674619",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1751384",
          "CSAFPID-1751385",
          "CSAFPID-1751386"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-47535",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47535.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1751233",
            "CSAFPID-1751234",
            "CSAFPID-1751377",
            "CSAFPID-1751378",
            "CSAFPID-1751379",
            "CSAFPID-1751380",
            "CSAFPID-1751381",
            "CSAFPID-1751382",
            "CSAFPID-1751383",
            "CSAFPID-1674619",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1751384",
            "CSAFPID-1751385",
            "CSAFPID-1751386"
          ]
        }
      ],
      "title": "CVE-2024-47535"
    },
    {
      "cve": "CVE-2024-47554",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1751292",
          "CSAFPID-1751234",
          "CSAFPID-1751294",
          "CSAFPID-1751233",
          "CSAFPID-1751295",
          "CSAFPID-1751296",
          "CSAFPID-1751377",
          "CSAFPID-1751378",
          "CSAFPID-1751379",
          "CSAFPID-1751380",
          "CSAFPID-1751381",
          "CSAFPID-1751382",
          "CSAFPID-1751383",
          "CSAFPID-1674619",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1751384",
          "CSAFPID-1751385",
          "CSAFPID-1751386"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-47554",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47554.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1751292",
            "CSAFPID-1751234",
            "CSAFPID-1751294",
            "CSAFPID-1751233",
            "CSAFPID-1751295",
            "CSAFPID-1751296",
            "CSAFPID-1751377",
            "CSAFPID-1751378",
            "CSAFPID-1751379",
            "CSAFPID-1751380",
            "CSAFPID-1751381",
            "CSAFPID-1751382",
            "CSAFPID-1751383",
            "CSAFPID-1674619",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1751384",
            "CSAFPID-1751385",
            "CSAFPID-1751386"
          ]
        }
      ],
      "title": "CVE-2024-47554"
    },
    {
      "cve": "CVE-2024-47561",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1751296",
          "CSAFPID-1751377",
          "CSAFPID-1751378",
          "CSAFPID-1751379",
          "CSAFPID-1751380",
          "CSAFPID-1751381",
          "CSAFPID-1751382",
          "CSAFPID-1751383",
          "CSAFPID-1674619",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1751384",
          "CSAFPID-1751385",
          "CSAFPID-1751386"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-47561",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47561.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1751296",
            "CSAFPID-1751377",
            "CSAFPID-1751378",
            "CSAFPID-1751379",
            "CSAFPID-1751380",
            "CSAFPID-1751381",
            "CSAFPID-1751382",
            "CSAFPID-1751383",
            "CSAFPID-1674619",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1751384",
            "CSAFPID-1751385",
            "CSAFPID-1751386"
          ]
        }
      ],
      "title": "CVE-2024-47561"
    },
    {
      "cve": "CVE-2024-47803",
      "cwe": {
        "id": "CWE-209",
        "name": "Generation of Error Message Containing Sensitive Information"
      },
      "notes": [
        {
          "category": "other",
          "text": "Generation of Error Message Containing Sensitive Information",
          "title": "CWE-209"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1751079",
          "CSAFPID-1751225",
          "CSAFPID-1672767",
          "CSAFPID-1751300",
          "CSAFPID-1751241",
          "CSAFPID-1751081",
          "CSAFPID-1751084",
          "CSAFPID-1673393",
          "CSAFPID-1751085"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-47803",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47803.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1751079",
            "CSAFPID-1751225",
            "CSAFPID-1672767",
            "CSAFPID-1751300",
            "CSAFPID-1751241",
            "CSAFPID-1751081",
            "CSAFPID-1751084",
            "CSAFPID-1673393",
            "CSAFPID-1751085"
          ]
        }
      ],
      "title": "CVE-2024-47803"
    },
    {
      "cve": "CVE-2024-47804",
      "cwe": {
        "id": "CWE-863",
        "name": "Incorrect Authorization"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incorrect Authorization",
          "title": "CWE-863"
        },
        {
          "category": "other",
          "text": "Insufficient Granularity of Access Control",
          "title": "CWE-1220"
        },
        {
          "category": "other",
          "text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
          "title": "CWE-843"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1751225",
          "CSAFPID-1751079",
          "CSAFPID-1672767",
          "CSAFPID-1751300",
          "CSAFPID-1751241",
          "CSAFPID-1751081",
          "CSAFPID-1751084",
          "CSAFPID-1673393",
          "CSAFPID-1751085"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-47804",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47804.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1751225",
            "CSAFPID-1751079",
            "CSAFPID-1672767",
            "CSAFPID-1751300",
            "CSAFPID-1751241",
            "CSAFPID-1751081",
            "CSAFPID-1751084",
            "CSAFPID-1673393",
            "CSAFPID-1751085"
          ]
        }
      ],
      "title": "CVE-2024-47804"
    },
    {
      "cve": "CVE-2024-49766",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
          "title": "CWE-22"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1751208",
          "CSAFPID-1751246",
          "CSAFPID-1751209"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-49766",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-49766.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1751208",
            "CSAFPID-1751246",
            "CSAFPID-1751209"
          ]
        }
      ],
      "title": "CVE-2024-49766"
    },
    {
      "cve": "CVE-2024-49767",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1751208",
          "CSAFPID-1751080",
          "CSAFPID-1751079",
          "CSAFPID-1751225",
          "CSAFPID-1751082",
          "CSAFPID-1751300",
          "CSAFPID-1751246",
          "CSAFPID-1751209",
          "CSAFPID-1673393",
          "CSAFPID-1751085",
          "CSAFPID-1751231"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-49767",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-49767.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1751208",
            "CSAFPID-1751080",
            "CSAFPID-1751079",
            "CSAFPID-1751225",
            "CSAFPID-1751082",
            "CSAFPID-1751300",
            "CSAFPID-1751246",
            "CSAFPID-1751209",
            "CSAFPID-1673393",
            "CSAFPID-1751085",
            "CSAFPID-1751231"
          ]
        }
      ],
      "title": "CVE-2024-49767"
    },
    {
      "cve": "CVE-2024-50379",
      "cwe": {
        "id": "CWE-367",
        "name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
      },
      "notes": [
        {
          "category": "other",
          "text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
          "title": "CWE-367"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816790"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-50379",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-50379.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816790"
          ]
        }
      ],
      "title": "CVE-2024-50379"
    },
    {
      "cve": "CVE-2024-50602",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Improper Check for Unusual or Exceptional Conditions",
          "title": "CWE-754"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1751225",
          "CSAFPID-1751079",
          "CSAFPID-1751082",
          "CSAFPID-1751085"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-50602",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-50602.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1751225",
            "CSAFPID-1751079",
            "CSAFPID-1751082",
            "CSAFPID-1751085"
          ]
        }
      ],
      "title": "CVE-2024-50602"
    },
    {
      "cve": "CVE-2024-53677",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
          "title": "CWE-22"
        },
        {
          "category": "other",
          "text": "Unrestricted Upload of File with Dangerous Type",
          "title": "CWE-434"
        },
        {
          "category": "other",
          "text": "Files or Directories Accessible to External Parties",
          "title": "CWE-552"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816790"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-53677",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-53677.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.0,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816790"
          ]
        }
      ],
      "title": "CVE-2024-53677"
    },
    {
      "cve": "CVE-2024-54677",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816790"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-54677",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-54677.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816790"
          ]
        }
      ],
      "title": "CVE-2024-54677"
    },
    {
      "cve": "CVE-2024-56337",
      "cwe": {
        "id": "CWE-367",
        "name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
      },
      "notes": [
        {
          "category": "other",
          "text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
          "title": "CWE-367"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816790"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-56337",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-56337.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816790"
          ]
        }
      ],
      "title": "CVE-2024-56337"
    },
    {
      "cve": "CVE-2025-21542",
      "product_status": {
        "known_affected": [
          "CSAFPID-224790",
          "CSAFPID-221118",
          "CSAFPID-1673496",
          "CSAFPID-1751377",
          "CSAFPID-1751378",
          "CSAFPID-1751379",
          "CSAFPID-1751380",
          "CSAFPID-1751381",
          "CSAFPID-1751382",
          "CSAFPID-1751383",
          "CSAFPID-1674619",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1751384",
          "CSAFPID-1751385",
          "CSAFPID-1751386"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-21542",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21542.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-224790",
            "CSAFPID-221118",
            "CSAFPID-1673496",
            "CSAFPID-1751377",
            "CSAFPID-1751378",
            "CSAFPID-1751379",
            "CSAFPID-1751380",
            "CSAFPID-1751381",
            "CSAFPID-1751382",
            "CSAFPID-1751383",
            "CSAFPID-1674619",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1751384",
            "CSAFPID-1751385",
            "CSAFPID-1751386"
          ]
        }
      ],
      "title": "CVE-2025-21542"
    },
    {
      "cve": "CVE-2025-21544",
      "product_status": {
        "known_affected": [
          "CSAFPID-224790",
          "CSAFPID-221118",
          "CSAFPID-1673496",
          "CSAFPID-1751377",
          "CSAFPID-1751378",
          "CSAFPID-1751379",
          "CSAFPID-1751380",
          "CSAFPID-1751381",
          "CSAFPID-1751382",
          "CSAFPID-1751383",
          "CSAFPID-1674619",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1751384",
          "CSAFPID-1751385",
          "CSAFPID-1751386"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-21544",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21544.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-224790",
            "CSAFPID-221118",
            "CSAFPID-1673496",
            "CSAFPID-1751377",
            "CSAFPID-1751378",
            "CSAFPID-1751379",
            "CSAFPID-1751380",
            "CSAFPID-1751381",
            "CSAFPID-1751382",
            "CSAFPID-1751383",
            "CSAFPID-1674619",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1751384",
            "CSAFPID-1751385",
            "CSAFPID-1751386"
          ]
        }
      ],
      "title": "CVE-2025-21544"
    },
    {
      "cve": "CVE-2025-21554",
      "product_status": {
        "known_affected": [
          "CSAFPID-224790",
          "CSAFPID-221118",
          "CSAFPID-1673496",
          "CSAFPID-1751377",
          "CSAFPID-1751378",
          "CSAFPID-1751379",
          "CSAFPID-1751380",
          "CSAFPID-1751381",
          "CSAFPID-1751382",
          "CSAFPID-1751383",
          "CSAFPID-1674619",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1751384",
          "CSAFPID-1751385",
          "CSAFPID-1751386"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-21554",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21554.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-224790",
            "CSAFPID-221118",
            "CSAFPID-1673496",
            "CSAFPID-1751377",
            "CSAFPID-1751378",
            "CSAFPID-1751379",
            "CSAFPID-1751380",
            "CSAFPID-1751381",
            "CSAFPID-1751382",
            "CSAFPID-1751383",
            "CSAFPID-1674619",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1751384",
            "CSAFPID-1751385",
            "CSAFPID-1751386"
          ]
        }
      ],
      "title": "CVE-2025-21554"
    }
  ]
}

NCSC-2025-0028

Vulnerability from csaf_ncscnl - Published: 2025-01-22 13:36 - Updated: 2025-01-22 13:36

Summary

Kwetsbaarheden verholpen in Oracle Analytics

Notes

Feiten: Oracle heeft kwetsbaarheden verholpen in Oracle Analytics producten, zoals Business Intelligence, Analytics Desktop en BI Publisher.

Interpretaties: Een kwaadwillende kan de kwetsbaarheden misbruiken om een Denial-of-Service te veroorzaken, of zich toegang te verschaffen tot gevoelige gegevens.

Oplossingen: Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans: medium

Schade: high

CWE-416: Use After Free

CWE-476: NULL Pointer Dereference

CWE-400: Uncontrolled Resource Consumption

CWE-770: Allocation of Resources Without Limits or Throttling

CWE-502: Deserialization of Untrusted Data

CWE-248: Uncaught Exception

CWE-674: Uncontrolled Recursion

CWE-611: Improper Restriction of XML External Entity Reference

CWE-787: Out-of-bounds Write

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CWE-789: Memory Allocation with Excessive Size Value

CWE-20: Improper Input Validation

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-1395: Dependency on Vulnerable Third-Party Component

CWE-670: Always-Incorrect Control Flow Implementation

CWE-399: CWE-399

CWE-326: Inadequate Encryption Strength

CWE-669: Incorrect Resource Transfer Between Spheres

CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

CWE-834: Excessive Iteration

CWE-311: Missing Encryption of Sensitive Data

CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

CWE-125: Out-of-bounds Read

CWE-404: Improper Resource Shutdown or Release

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-1333: Inefficient Regular Expression Complexity

CVE-2016-10000

CVE-2020-2849

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2020-7760

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 24 products

CVE-2020-13956

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CWE-20 - Improper Input Validation

Affected products

Known affected 30 products

CVE-2020-28975

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2021-23926

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

CWE-776 - Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

Affected products

Known affected 23 products

CVE-2021-33813

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-611 - Improper Restriction of XML External Entity Reference

Affected products

Known affected 26 products

CVE-2022-40150

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-404 - Improper Resource Shutdown or Release

Affected products

Known affected 19 products

CVE-2023-2976

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-552 - Files or Directories Accessible to External Parties

Affected products

Known affected 13 products

Product	Identifier	Version
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:::::::*`	—
analytics_desktop oracle	`cpe:2.3:a:oracle:analytics_desktop:6.4.0.0.0:::::::*`	—
analytics_desktop oracle	`cpe:2.3:a:oracle:analytics_desktop:7.0.0.0.0:::::::*`	—
analytics_desktop oracle	`cpe:2.3:a:oracle:analytics_desktop::::::::`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:6.4.0.0.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:6.4.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:::::::*`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2023-4785

CWE-248 - Uncaught Exception

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2023-7272

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE-787 - Out-of-bounds Write

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2023-24998

CWE-404 - Improper Resource Shutdown or Release

Affected products

Known affected 20 products

CVE-2023-25399

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-401 - Missing Release of Memory after Effective Lifetime

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0::::enterprise:::`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2023-29824

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-416 - Use After Free

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0::::enterprise:::`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2023-32732

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-440 - Expected Behavior Violation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2023-33202

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 10 products

Product	Identifier	Version
analytics_desktop oracle	`cpe:2.3:a:oracle:analytics_desktop:prior_to_7.8.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:::::::*`	—
analytics_desktop oracle	`cpe:2.3:a:oracle:analytics_desktop::::::::`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:::::::*`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2023-33953

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-834 - Excessive Iteration

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2023-43804

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Known affected 5 products

Product	Identifier	Version
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:::::::*`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2023-44487

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 13 products

Product	Identifier	Version
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:6.4.0.0.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:6.4.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:::::::*`	—
analytics_desktop oracle	`cpe:2.3:a:oracle:analytics_desktop:6.4.0.0.0:::::::*`	—
analytics_desktop oracle	`cpe:2.3:a:oracle:analytics_desktop:7.0.0.0.0:::::::*`	—
analytics_desktop oracle	`cpe:2.3:a:oracle:analytics_desktop::::::::`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:::::::*`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2023-45803

4.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Known affected 5 products

Product	Identifier	Version
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:::::::*`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2023-50782

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-208 - Observable Timing Discrepancy

Affected products

Known affected 5 products

Product	Identifier	Version
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:::::::*`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2024-0727

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-476 - NULL Pointer Dereference

Affected products

Known affected 11 products

Product	Identifier	Version
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0::::enterprise:::`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:::::::*`	—
analytics_desktop oracle	`cpe:2.3:a:oracle:analytics_desktop::::::::`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:::::::*`	—

CVE-2024-1135

8.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2024-4741

CWE-416 - Use After Free

Affected products

Known affected 9 products

Product	Identifier	Version
analytics_desktop oracle	`cpe:2.3:a:oracle:analytics_desktop::::::::`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:::::::*`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0::::enterprise:::`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	—

CVE-2024-5535

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Known affected 3 products

Product	Identifier	Version
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0::::enterprise:::`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2024-7254

8.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

CWE-20 - Improper Input Validation

Affected products

Known affected 3 products

Product	Identifier	Version
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2024-22195

6.1 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected products

Known affected 5 products

Product	Identifier	Version
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:::::::*`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2024-26130

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-476 - NULL Pointer Dereference

Affected products

Known affected 9 products

Product	Identifier	Version
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:::::::*`	—
analytics_desktop oracle	`cpe:2.3:a:oracle:analytics_desktop::::::::`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:::::::*`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2024-29025

7.3 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Known affected 8 products

Product	Identifier	Version
analytics_desktop oracle	`cpe:2.3:a:oracle:analytics_desktop::::::::`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	—

CVE-2024-29131

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-787 - Out-of-bounds Write

Affected products

Known affected 8 products

Product	Identifier	Version
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—
analytics_desktop oracle	`cpe:2.3:a:oracle:analytics_desktop::::::::`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:::::::*`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0::::enterprise:::`	—

CVE-2024-34064

5.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected products

Known affected 7 products

Product	Identifier	Version
analytics_desktop oracle	`cpe:2.3:a:oracle:analytics_desktop::::::::`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:::::::*`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2024-35195

5.7 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N

CWE-670 - Always-Incorrect Control Flow Implementation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2024-36114

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

CWE-125 - Out-of-bounds Read

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0::::enterprise:::`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2024-37891

4.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

CWE-669 - Incorrect Resource Transfer Between Spheres

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2024-38809

8.0 (High)


                        
                          CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CWE-1333 - Inefficient Regular Expression Complexity

Affected products

Known affected 5 products

Product	Identifier	Version
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0::::enterprise:::`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	—

CVE-2024-38820

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-284 - Improper Access Control

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	—

CVE-2024-43382

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N

CWE-311 - Missing Encryption of Sensitive Data

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	—

CVE-2024-47561

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-502 - Deserialization of Untrusted Data

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0::::enterprise:::`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2025-21532

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
analytics_desktop oracle	`cpe:2.3:a:oracle:analytics_desktop:prior_to_8.1.0:::::::*`	—

References

40 references

URL	Category
https://www.oracle.com/security-alerts/cpujan2025.html	external
https://api.ncsc.nl/velma/v1/vulnerabilities/2016…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2020…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2020…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2020…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2020…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2021…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2021…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2022…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Oracle heeft kwetsbaarheden verholpen in Oracle Analytics producten, zoals Business Intelligence, Analytics Desktop en BI Publisher.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om een Denial-of-Service te veroorzaken, of zich toegang te verschaffen tot gevoelige gegevens.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Use After Free",
        "title": "CWE-416"
      },
      {
        "category": "general",
        "text": "NULL Pointer Dereference",
        "title": "CWE-476"
      },
      {
        "category": "general",
        "text": "Uncontrolled Resource Consumption",
        "title": "CWE-400"
      },
      {
        "category": "general",
        "text": "Allocation of Resources Without Limits or Throttling",
        "title": "CWE-770"
      },
      {
        "category": "general",
        "text": "Deserialization of Untrusted Data",
        "title": "CWE-502"
      },
      {
        "category": "general",
        "text": "Uncaught Exception",
        "title": "CWE-248"
      },
      {
        "category": "general",
        "text": "Uncontrolled Recursion",
        "title": "CWE-674"
      },
      {
        "category": "general",
        "text": "Improper Restriction of XML External Entity Reference",
        "title": "CWE-611"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Write",
        "title": "CWE-787"
      },
      {
        "category": "general",
        "text": "Exposure of Sensitive Information to an Unauthorized Actor",
        "title": "CWE-200"
      },
      {
        "category": "general",
        "text": "Memory Allocation with Excessive Size Value",
        "title": "CWE-789"
      },
      {
        "category": "general",
        "text": "Improper Input Validation",
        "title": "CWE-20"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
        "title": "CWE-79"
      },
      {
        "category": "general",
        "text": "Dependency on Vulnerable Third-Party Component",
        "title": "CWE-1395"
      },
      {
        "category": "general",
        "text": "Always-Incorrect Control Flow Implementation",
        "title": "CWE-670"
      },
      {
        "category": "general",
        "text": "CWE-399",
        "title": "CWE-399"
      },
      {
        "category": "general",
        "text": "Inadequate Encryption Strength",
        "title": "CWE-326"
      },
      {
        "category": "general",
        "text": "Incorrect Resource Transfer Between Spheres",
        "title": "CWE-669"
      },
      {
        "category": "general",
        "text": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)",
        "title": "CWE-776"
      },
      {
        "category": "general",
        "text": "Excessive Iteration",
        "title": "CWE-834"
      },
      {
        "category": "general",
        "text": "Missing Encryption of Sensitive Data",
        "title": "CWE-311"
      },
      {
        "category": "general",
        "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
        "title": "CWE-444"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Read",
        "title": "CWE-125"
      },
      {
        "category": "general",
        "text": "Improper Resource Shutdown or Release",
        "title": "CWE-404"
      },
      {
        "category": "general",
        "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
        "title": "CWE-119"
      },
      {
        "category": "general",
        "text": "Inefficient Regular Expression Complexity",
        "title": "CWE-1333"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference - cveprojectv5; nvd; oracle",
        "url": "https://www.oracle.com/security-alerts/cpujan2025.html"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Oracle Analytics",
    "tracking": {
      "current_release_date": "2025-01-22T13:36:58.196605Z",
      "id": "NCSC-2025-0028",
      "initial_release_date": "2025-01-22T13:36:58.196605Z",
      "revision_history": [
        {
          "date": "2025-01-22T13:36:58.196605Z",
          "number": "0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "business_intelligence",
            "product": {
              "name": "business_intelligence",
              "product_id": "CSAFPID-1503296",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence",
            "product": {
              "name": "business_intelligence",
              "product_id": "CSAFPID-220360",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:*:enterprise:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence",
            "product": {
              "name": "business_intelligence",
              "product_id": "CSAFPID-135810",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence",
            "product": {
              "name": "business_intelligence",
              "product_id": "CSAFPID-219994",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:enterprise:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence",
            "product": {
              "name": "business_intelligence",
              "product_id": "CSAFPID-219817",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence:6.4.0.0.0:enterprise:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence",
            "product": {
              "name": "business_intelligence",
              "product_id": "CSAFPID-1503297",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence",
            "product": {
              "name": "business_intelligence",
              "product_id": "CSAFPID-257324",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence",
            "product": {
              "name": "business_intelligence",
              "product_id": "CSAFPID-1503298",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence",
            "product": {
              "name": "business_intelligence",
              "product_id": "CSAFPID-1650736",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0:*:*:*:enterprise:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-765384",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-764234",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-765387",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:5.5.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-764778",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:5.9.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-764929",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:5.9.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-764235",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:6.4.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-764930",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:6.4.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-764236",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-1503574",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-1503573",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-765388",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___5.9.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-764727",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___6.4.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-764729",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___7.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-765383",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-765385",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-765389",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___5.9.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-764725",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_presentation_services___12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-764728",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_presentation_services___6.4.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-764730",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_presentation_services___7.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-764726",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_service_administration_ui___12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-765386",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_storage_service_integration___12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "bi_publisher",
            "product": {
              "name": "bi_publisher",
              "product_id": "CSAFPID-9197",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:bi_publisher:12.2.1.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "bi_publisher",
            "product": {
              "name": "bi_publisher",
              "product_id": "CSAFPID-9493",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "bi_publisher",
            "product": {
              "name": "bi_publisher",
              "product_id": "CSAFPID-220546",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:bi_publisher:5.9.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "bi_publisher",
            "product": {
              "name": "bi_publisher",
              "product_id": "CSAFPID-228391",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:bi_publisher:5.9.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "bi_publisher",
            "product": {
              "name": "bi_publisher",
              "product_id": "CSAFPID-220545",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:bi_publisher:6.4.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "bi_publisher",
            "product": {
              "name": "bi_publisher",
              "product_id": "CSAFPID-220560",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "bi_publisher",
            "product": {
              "name": "bi_publisher",
              "product_id": "CSAFPID-1673195",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "analytics_desktop",
            "product": {
              "name": "analytics_desktop",
              "product_id": "CSAFPID-816763",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:analytics_desktop:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "analytics_desktop",
            "product": {
              "name": "analytics_desktop",
              "product_id": "CSAFPID-816761",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:analytics_desktop:6.4.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "analytics_desktop",
            "product": {
              "name": "analytics_desktop",
              "product_id": "CSAFPID-816762",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:analytics_desktop:7.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "analytics_desktop",
            "product": {
              "name": "analytics_desktop",
              "product_id": "CSAFPID-1751172",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:analytics_desktop:8.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "analytics_desktop",
            "product": {
              "name": "analytics_desktop",
              "product_id": "CSAFPID-1650735",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:analytics_desktop:prior_to_7.8.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "analytics_desktop",
            "product": {
              "name": "analytics_desktop",
              "product_id": "CSAFPID-1751157",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:analytics_desktop:prior_to_8.1.0:*:*:*:*:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "oracle"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2016-10000",
      "references": [
        {
          "category": "self",
          "summary": "CVE-2016-10000",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2016/CVE-2016-10000.json"
        }
      ],
      "title": "CVE-2016-10000"
    },
    {
      "cve": "CVE-2020-2849",
      "product_status": {
        "known_affected": [
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-2849",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-2849.json"
        }
      ],
      "title": "CVE-2020-2849"
    },
    {
      "cve": "CVE-2020-7760",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9493",
          "CSAFPID-220545",
          "CSAFPID-220560",
          "CSAFPID-764234",
          "CSAFPID-764235",
          "CSAFPID-764236",
          "CSAFPID-764725",
          "CSAFPID-764726",
          "CSAFPID-764727",
          "CSAFPID-764728",
          "CSAFPID-764729",
          "CSAFPID-764730",
          "CSAFPID-765383",
          "CSAFPID-765384",
          "CSAFPID-765385",
          "CSAFPID-765386",
          "CSAFPID-765387",
          "CSAFPID-765388",
          "CSAFPID-765389",
          "CSAFPID-764778",
          "CSAFPID-816761",
          "CSAFPID-816762",
          "CSAFPID-816763",
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-7760",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-7760.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9493",
            "CSAFPID-220545",
            "CSAFPID-220560",
            "CSAFPID-764234",
            "CSAFPID-764235",
            "CSAFPID-764236",
            "CSAFPID-764725",
            "CSAFPID-764726",
            "CSAFPID-764727",
            "CSAFPID-764728",
            "CSAFPID-764729",
            "CSAFPID-764730",
            "CSAFPID-765383",
            "CSAFPID-765384",
            "CSAFPID-765385",
            "CSAFPID-765386",
            "CSAFPID-765387",
            "CSAFPID-765388",
            "CSAFPID-765389",
            "CSAFPID-764778",
            "CSAFPID-816761",
            "CSAFPID-816762",
            "CSAFPID-816763",
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2020-7760"
    },
    {
      "cve": "CVE-2020-13956",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9493",
          "CSAFPID-220545",
          "CSAFPID-220560",
          "CSAFPID-764234",
          "CSAFPID-764235",
          "CSAFPID-764236",
          "CSAFPID-764725",
          "CSAFPID-764726",
          "CSAFPID-764727",
          "CSAFPID-764728",
          "CSAFPID-764729",
          "CSAFPID-764730",
          "CSAFPID-228391",
          "CSAFPID-764778",
          "CSAFPID-220546",
          "CSAFPID-9197",
          "CSAFPID-764929",
          "CSAFPID-764930",
          "CSAFPID-765383",
          "CSAFPID-765384",
          "CSAFPID-765385",
          "CSAFPID-765386",
          "CSAFPID-765387",
          "CSAFPID-765388",
          "CSAFPID-765389",
          "CSAFPID-816763",
          "CSAFPID-1503573",
          "CSAFPID-1503574",
          "CSAFPID-257324",
          "CSAFPID-135810"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-13956",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-13956.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9493",
            "CSAFPID-220545",
            "CSAFPID-220560",
            "CSAFPID-764234",
            "CSAFPID-764235",
            "CSAFPID-764236",
            "CSAFPID-764725",
            "CSAFPID-764726",
            "CSAFPID-764727",
            "CSAFPID-764728",
            "CSAFPID-764729",
            "CSAFPID-764730",
            "CSAFPID-228391",
            "CSAFPID-764778",
            "CSAFPID-220546",
            "CSAFPID-9197",
            "CSAFPID-764929",
            "CSAFPID-764930",
            "CSAFPID-765383",
            "CSAFPID-765384",
            "CSAFPID-765385",
            "CSAFPID-765386",
            "CSAFPID-765387",
            "CSAFPID-765388",
            "CSAFPID-765389",
            "CSAFPID-816763",
            "CSAFPID-1503573",
            "CSAFPID-1503574",
            "CSAFPID-257324",
            "CSAFPID-135810"
          ]
        }
      ],
      "title": "CVE-2020-13956"
    },
    {
      "cve": "CVE-2020-28975",
      "product_status": {
        "known_affected": [
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-28975",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-28975.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2020-28975"
    },
    {
      "cve": "CVE-2021-23926",
      "cwe": {
        "id": "CWE-776",
        "name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)",
          "title": "CWE-776"
        },
        {
          "category": "other",
          "text": "Improper Restriction of XML External Entity Reference",
          "title": "CWE-611"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-220545",
          "CSAFPID-220560",
          "CSAFPID-764725",
          "CSAFPID-764726",
          "CSAFPID-764234",
          "CSAFPID-764727",
          "CSAFPID-764728",
          "CSAFPID-764235",
          "CSAFPID-764729",
          "CSAFPID-764730",
          "CSAFPID-764236",
          "CSAFPID-9493",
          "CSAFPID-764778",
          "CSAFPID-228391",
          "CSAFPID-135810",
          "CSAFPID-816763",
          "CSAFPID-1503573",
          "CSAFPID-765385",
          "CSAFPID-1503574",
          "CSAFPID-220546",
          "CSAFPID-9197",
          "CSAFPID-764929",
          "CSAFPID-764930"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-23926",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-23926.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-220545",
            "CSAFPID-220560",
            "CSAFPID-764725",
            "CSAFPID-764726",
            "CSAFPID-764234",
            "CSAFPID-764727",
            "CSAFPID-764728",
            "CSAFPID-764235",
            "CSAFPID-764729",
            "CSAFPID-764730",
            "CSAFPID-764236",
            "CSAFPID-9493",
            "CSAFPID-764778",
            "CSAFPID-228391",
            "CSAFPID-135810",
            "CSAFPID-816763",
            "CSAFPID-1503573",
            "CSAFPID-765385",
            "CSAFPID-1503574",
            "CSAFPID-220546",
            "CSAFPID-9197",
            "CSAFPID-764929",
            "CSAFPID-764930"
          ]
        }
      ],
      "title": "CVE-2021-23926"
    },
    {
      "cve": "CVE-2021-33813",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of XML External Entity Reference",
          "title": "CWE-611"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-220545",
          "CSAFPID-220560",
          "CSAFPID-764725",
          "CSAFPID-764726",
          "CSAFPID-764234",
          "CSAFPID-764727",
          "CSAFPID-764728",
          "CSAFPID-764235",
          "CSAFPID-764729",
          "CSAFPID-764730",
          "CSAFPID-764236",
          "CSAFPID-9197",
          "CSAFPID-9493",
          "CSAFPID-228391",
          "CSAFPID-764778",
          "CSAFPID-816761",
          "CSAFPID-816762",
          "CSAFPID-816763",
          "CSAFPID-765383",
          "CSAFPID-765384",
          "CSAFPID-765385",
          "CSAFPID-765386",
          "CSAFPID-765387",
          "CSAFPID-765388",
          "CSAFPID-765389",
          "CSAFPID-135810"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-33813",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-33813.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-220545",
            "CSAFPID-220560",
            "CSAFPID-764725",
            "CSAFPID-764726",
            "CSAFPID-764234",
            "CSAFPID-764727",
            "CSAFPID-764728",
            "CSAFPID-764235",
            "CSAFPID-764729",
            "CSAFPID-764730",
            "CSAFPID-764236",
            "CSAFPID-9197",
            "CSAFPID-9493",
            "CSAFPID-228391",
            "CSAFPID-764778",
            "CSAFPID-816761",
            "CSAFPID-816762",
            "CSAFPID-816763",
            "CSAFPID-765383",
            "CSAFPID-765384",
            "CSAFPID-765385",
            "CSAFPID-765386",
            "CSAFPID-765387",
            "CSAFPID-765388",
            "CSAFPID-765389",
            "CSAFPID-135810"
          ]
        }
      ],
      "title": "CVE-2021-33813"
    },
    {
      "cve": "CVE-2022-40150",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-220545",
          "CSAFPID-220560",
          "CSAFPID-764725",
          "CSAFPID-764726",
          "CSAFPID-764234",
          "CSAFPID-764727",
          "CSAFPID-764728",
          "CSAFPID-764235",
          "CSAFPID-764729",
          "CSAFPID-764730",
          "CSAFPID-764236",
          "CSAFPID-9493",
          "CSAFPID-764778",
          "CSAFPID-228391",
          "CSAFPID-135810",
          "CSAFPID-816763",
          "CSAFPID-1503573",
          "CSAFPID-765385",
          "CSAFPID-1503574"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-40150",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-40150.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-220545",
            "CSAFPID-220560",
            "CSAFPID-764725",
            "CSAFPID-764726",
            "CSAFPID-764234",
            "CSAFPID-764727",
            "CSAFPID-764728",
            "CSAFPID-764235",
            "CSAFPID-764729",
            "CSAFPID-764730",
            "CSAFPID-764236",
            "CSAFPID-9493",
            "CSAFPID-764778",
            "CSAFPID-228391",
            "CSAFPID-135810",
            "CSAFPID-816763",
            "CSAFPID-1503573",
            "CSAFPID-765385",
            "CSAFPID-1503574"
          ]
        }
      ],
      "title": "CVE-2022-40150"
    },
    {
      "cve": "CVE-2023-2976",
      "cwe": {
        "id": "CWE-552",
        "name": "Files or Directories Accessible to External Parties"
      },
      "notes": [
        {
          "category": "other",
          "text": "Files or Directories Accessible to External Parties",
          "title": "CWE-552"
        },
        {
          "category": "other",
          "text": "Creation of Temporary File in Directory with Insecure Permissions",
          "title": "CWE-379"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9493",
          "CSAFPID-816761",
          "CSAFPID-816762",
          "CSAFPID-816763",
          "CSAFPID-220545",
          "CSAFPID-220560",
          "CSAFPID-764234",
          "CSAFPID-764235",
          "CSAFPID-764236",
          "CSAFPID-1503573",
          "CSAFPID-765385",
          "CSAFPID-1503574",
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-2976",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-2976.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9493",
            "CSAFPID-816761",
            "CSAFPID-816762",
            "CSAFPID-816763",
            "CSAFPID-220545",
            "CSAFPID-220560",
            "CSAFPID-764234",
            "CSAFPID-764235",
            "CSAFPID-764236",
            "CSAFPID-1503573",
            "CSAFPID-765385",
            "CSAFPID-1503574",
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2023-2976"
    },
    {
      "cve": "CVE-2023-4785",
      "cwe": {
        "id": "CWE-248",
        "name": "Uncaught Exception"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncaught Exception",
          "title": "CWE-248"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-4785",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4785.json"
        }
      ],
      "title": "CVE-2023-4785"
    },
    {
      "cve": "CVE-2023-7272",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-7272",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-7272.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2023-7272"
    },
    {
      "cve": "CVE-2023-24998",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        },
        {
          "category": "other",
          "text": "CWE-399",
          "title": "CWE-399"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9493",
          "CSAFPID-220545",
          "CSAFPID-220560",
          "CSAFPID-764234",
          "CSAFPID-764235",
          "CSAFPID-764236",
          "CSAFPID-764778",
          "CSAFPID-816761",
          "CSAFPID-816762",
          "CSAFPID-816763",
          "CSAFPID-764725",
          "CSAFPID-764726",
          "CSAFPID-764727",
          "CSAFPID-764728",
          "CSAFPID-764729",
          "CSAFPID-764730",
          "CSAFPID-1503573",
          "CSAFPID-765385",
          "CSAFPID-1503574",
          "CSAFPID-135810"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-24998",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-24998.json"
        }
      ],
      "title": "CVE-2023-24998"
    },
    {
      "cve": "CVE-2023-25399",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Release of Memory after Effective Lifetime",
          "title": "CWE-401"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1650736",
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-25399",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-25399.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1650736",
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2023-25399"
    },
    {
      "cve": "CVE-2023-29824",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1650736",
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-29824",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-29824.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1650736",
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2023-29824"
    },
    {
      "cve": "CVE-2023-32732",
      "cwe": {
        "id": "CWE-440",
        "name": "Expected Behavior Violation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Expected Behavior Violation",
          "title": "CWE-440"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-32732",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-32732.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2023-32732"
    },
    {
      "cve": "CVE-2023-33202",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1650735",
          "CSAFPID-9493",
          "CSAFPID-220560",
          "CSAFPID-764234",
          "CSAFPID-764236",
          "CSAFPID-816763",
          "CSAFPID-1503573",
          "CSAFPID-765385",
          "CSAFPID-1503574",
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-33202",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33202.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1650735",
            "CSAFPID-9493",
            "CSAFPID-220560",
            "CSAFPID-764234",
            "CSAFPID-764236",
            "CSAFPID-816763",
            "CSAFPID-1503573",
            "CSAFPID-765385",
            "CSAFPID-1503574",
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2023-33202"
    },
    {
      "cve": "CVE-2023-33953",
      "cwe": {
        "id": "CWE-834",
        "name": "Excessive Iteration"
      },
      "notes": [
        {
          "category": "other",
          "text": "Excessive Iteration",
          "title": "CWE-834"
        },
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        },
        {
          "category": "other",
          "text": "Memory Allocation with Excessive Size Value",
          "title": "CWE-789"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-33953",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33953.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2023-33953"
    },
    {
      "cve": "CVE-2023-43804",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9493",
          "CSAFPID-220560",
          "CSAFPID-764234",
          "CSAFPID-764236",
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-43804",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-43804.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9493",
            "CSAFPID-220560",
            "CSAFPID-764234",
            "CSAFPID-764236",
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2023-43804"
    },
    {
      "cve": "CVE-2023-44487",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9493",
          "CSAFPID-220545",
          "CSAFPID-220560",
          "CSAFPID-764234",
          "CSAFPID-764235",
          "CSAFPID-764236",
          "CSAFPID-816761",
          "CSAFPID-816762",
          "CSAFPID-816763",
          "CSAFPID-1503573",
          "CSAFPID-765385",
          "CSAFPID-1503574",
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-44487",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44487.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9493",
            "CSAFPID-220545",
            "CSAFPID-220560",
            "CSAFPID-764234",
            "CSAFPID-764235",
            "CSAFPID-764236",
            "CSAFPID-816761",
            "CSAFPID-816762",
            "CSAFPID-816763",
            "CSAFPID-1503573",
            "CSAFPID-765385",
            "CSAFPID-1503574",
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2023-44487"
    },
    {
      "cve": "CVE-2023-45803",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9493",
          "CSAFPID-220560",
          "CSAFPID-764234",
          "CSAFPID-764236",
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-45803",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45803.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9493",
            "CSAFPID-220560",
            "CSAFPID-764234",
            "CSAFPID-764236",
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2023-45803"
    },
    {
      "cve": "CVE-2023-50782",
      "cwe": {
        "id": "CWE-208",
        "name": "Observable Timing Discrepancy"
      },
      "notes": [
        {
          "category": "other",
          "text": "Observable Timing Discrepancy",
          "title": "CWE-208"
        },
        {
          "category": "other",
          "text": "Observable Discrepancy",
          "title": "CWE-203"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9493",
          "CSAFPID-220560",
          "CSAFPID-764234",
          "CSAFPID-764236",
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-50782",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-50782.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9493",
            "CSAFPID-220560",
            "CSAFPID-764234",
            "CSAFPID-764236",
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2023-50782"
    },
    {
      "cve": "CVE-2024-0727",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-135810",
          "CSAFPID-1650736",
          "CSAFPID-257324",
          "CSAFPID-9493",
          "CSAFPID-220560",
          "CSAFPID-764234",
          "CSAFPID-764236",
          "CSAFPID-816763",
          "CSAFPID-1503573",
          "CSAFPID-765385",
          "CSAFPID-1503574"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-0727",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0727.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-135810",
            "CSAFPID-1650736",
            "CSAFPID-257324",
            "CSAFPID-9493",
            "CSAFPID-220560",
            "CSAFPID-764234",
            "CSAFPID-764236",
            "CSAFPID-816763",
            "CSAFPID-1503573",
            "CSAFPID-765385",
            "CSAFPID-1503574"
          ]
        }
      ],
      "title": "CVE-2024-0727"
    },
    {
      "cve": "CVE-2024-1135",
      "cwe": {
        "id": "CWE-444",
        "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
          "title": "CWE-444"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-1135",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-1135.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2024-1135"
    },
    {
      "cve": "CVE-2024-4741",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816763",
          "CSAFPID-1503573",
          "CSAFPID-765385",
          "CSAFPID-764234",
          "CSAFPID-764236",
          "CSAFPID-1503574",
          "CSAFPID-1650736",
          "CSAFPID-257324",
          "CSAFPID-135810"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-4741",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4741.json"
        }
      ],
      "title": "CVE-2024-4741"
    },
    {
      "cve": "CVE-2024-5535",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        },
        {
          "category": "other",
          "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
          "title": "CWE-119"
        },
        {
          "category": "other",
          "text": "Dependency on Vulnerable Third-Party Component",
          "title": "CWE-1395"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-135810",
          "CSAFPID-1650736",
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-5535",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5535.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-135810",
            "CSAFPID-1650736",
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2024-5535"
    },
    {
      "cve": "CVE-2024-7254",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "other",
          "text": "Uncontrolled Recursion",
          "title": "CWE-674"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-220560",
          "CSAFPID-1673195",
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-7254",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7254.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-220560",
            "CSAFPID-1673195",
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2024-7254"
    },
    {
      "cve": "CVE-2024-22195",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9493",
          "CSAFPID-220560",
          "CSAFPID-764234",
          "CSAFPID-764236",
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-22195",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22195.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9493",
            "CSAFPID-220560",
            "CSAFPID-764234",
            "CSAFPID-764236",
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2024-22195"
    },
    {
      "cve": "CVE-2024-26130",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9493",
          "CSAFPID-220560",
          "CSAFPID-764234",
          "CSAFPID-764236",
          "CSAFPID-816763",
          "CSAFPID-1503573",
          "CSAFPID-765385",
          "CSAFPID-1503574",
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-26130",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26130.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9493",
            "CSAFPID-220560",
            "CSAFPID-764234",
            "CSAFPID-764236",
            "CSAFPID-816763",
            "CSAFPID-1503573",
            "CSAFPID-765385",
            "CSAFPID-1503574",
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2024-26130"
    },
    {
      "cve": "CVE-2024-29025",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816763",
          "CSAFPID-1503573",
          "CSAFPID-765385",
          "CSAFPID-764234",
          "CSAFPID-764236",
          "CSAFPID-1503574",
          "CSAFPID-220560",
          "CSAFPID-1673195"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-29025",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29025.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816763",
            "CSAFPID-1503573",
            "CSAFPID-765385",
            "CSAFPID-764234",
            "CSAFPID-764236",
            "CSAFPID-1503574",
            "CSAFPID-220560",
            "CSAFPID-1673195"
          ]
        }
      ],
      "title": "CVE-2024-29025"
    },
    {
      "cve": "CVE-2024-29131",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-257324",
          "CSAFPID-816763",
          "CSAFPID-1503573",
          "CSAFPID-765385",
          "CSAFPID-764234",
          "CSAFPID-764236",
          "CSAFPID-1503574",
          "CSAFPID-1650736"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-29131",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29131.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-257324",
            "CSAFPID-816763",
            "CSAFPID-1503573",
            "CSAFPID-765385",
            "CSAFPID-764234",
            "CSAFPID-764236",
            "CSAFPID-1503574",
            "CSAFPID-1650736"
          ]
        }
      ],
      "title": "CVE-2024-29131"
    },
    {
      "cve": "CVE-2024-34064",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816763",
          "CSAFPID-1503573",
          "CSAFPID-765385",
          "CSAFPID-764234",
          "CSAFPID-764236",
          "CSAFPID-1503574",
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-34064",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34064.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816763",
            "CSAFPID-1503573",
            "CSAFPID-765385",
            "CSAFPID-764234",
            "CSAFPID-764236",
            "CSAFPID-1503574",
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2024-34064"
    },
    {
      "cve": "CVE-2024-35195",
      "cwe": {
        "id": "CWE-670",
        "name": "Always-Incorrect Control Flow Implementation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Always-Incorrect Control Flow Implementation",
          "title": "CWE-670"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-35195",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35195.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2024-35195"
    },
    {
      "cve": "CVE-2024-36114",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        },
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1650736",
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-36114",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36114.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1650736",
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2024-36114"
    },
    {
      "cve": "CVE-2024-37891",
      "cwe": {
        "id": "CWE-669",
        "name": "Incorrect Resource Transfer Between Spheres"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incorrect Resource Transfer Between Spheres",
          "title": "CWE-669"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-37891",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37891.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2024-37891"
    },
    {
      "cve": "CVE-2024-38809",
      "cwe": {
        "id": "CWE-1333",
        "name": "Inefficient Regular Expression Complexity"
      },
      "notes": [
        {
          "category": "other",
          "text": "Inefficient Regular Expression Complexity",
          "title": "CWE-1333"
        },
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-220560",
          "CSAFPID-1673195",
          "CSAFPID-1650736",
          "CSAFPID-257324",
          "CSAFPID-135810"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38809",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38809.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-220560",
            "CSAFPID-1673195",
            "CSAFPID-1650736",
            "CSAFPID-257324",
            "CSAFPID-135810"
          ]
        }
      ],
      "title": "CVE-2024-38809"
    },
    {
      "cve": "CVE-2024-38820",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Access Control",
          "title": "CWE-284"
        },
        {
          "category": "other",
          "text": "Improper Handling of Case Sensitivity",
          "title": "CWE-178"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-220560",
          "CSAFPID-1673195"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38820",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38820.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-220560",
            "CSAFPID-1673195"
          ]
        }
      ],
      "title": "CVE-2024-38820"
    },
    {
      "cve": "CVE-2024-43382",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Encryption of Sensitive Data",
          "title": "CWE-311"
        },
        {
          "category": "other",
          "text": "Inadequate Encryption Strength",
          "title": "CWE-326"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-220560",
          "CSAFPID-1673195"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-43382",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-43382.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-220560",
            "CSAFPID-1673195"
          ]
        }
      ],
      "title": "CVE-2024-43382"
    },
    {
      "cve": "CVE-2024-47561",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1650736",
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-47561",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47561.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1650736",
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2024-47561"
    },
    {
      "cve": "CVE-2025-21532",
      "product_status": {
        "known_affected": [
          "CSAFPID-1751157"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-21532",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21532.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1751157"
          ]
        }
      ],
      "title": "CVE-2025-21532"
    }
  ]
}

RHSA-2024:8064

Vulnerability from csaf_redhat - Published: 2024-10-14 15:53 - Updated: 2026-06-01 17:19

Summary

Red Hat Security Advisory: Red Hat Build of Apache Camel 4.4.3 for Spring Boot security update.

Severity

Critical

Notes

Topic: Red Hat build of Apache Camel 4.4.3 for Spring Boot release and security update is now available. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details: Red Hat build of Apache Camel 4.4.3 for Spring Boot release and security update is now available. The purpose of this text-only errata is to inform you about the security issues fixed. Security Fix(es): * org.apache.avro/avro: Schema parsing may trigger Remote Code Execution (RCE) (CVE-2024-47561) * com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service (CVE-2023-52428) * org.springframework/spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource (CVE-2024-38816) * ca.uhn.hapi.fhir/org.hl7.fhir.dstu2016may: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294) * ca.uhn.hapi.fhir/org.hl7.fhir.dstu3: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294) * ca.uhn.hapi.fhir/org.hl7.fhir.r4: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294) * ca.uhn.hapi.fhir/org.hl7.fhir.r5: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294) * ca.uhn.hapi.fhir/org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294) * org.springframework/spring-web: Spring Framework DoS via conditional HTTP request (CVE-2024-38809) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2023-52428

A vulnerability was found in the Nimbus Jose JWT package. By crafting a JWE with an excessively large p2c value, an attacker can trigger significant resource consumption during decryption, potentially leading to application slowdown or unavailability.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Red Hat build of Apache Camel 4.4.3 for Spring Boot Red Hat / Red Hat Build of Apache Camel	`cpe:/a:redhat:apache_camel_spring_boot:4.4.3`	—	Vendor Fix fix

Threats

Impact Important

CVE-2024-7254

A flaw was found in Protocol Buffers (protobuf). This issue can allows an attacker to cause a StackOverflow via parsing untrusted Protocol Buffers data containing arbitrarily nested SGROUP tags, leading to unbounded recursion.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Red Hat build of Apache Camel 4.4.3 for Spring Boot Red Hat / Red Hat Build of Apache Camel	`cpe:/a:redhat:apache_camel_spring_boot:4.4.3`	—	Vendor Fix fix Workaround

Threats

Impact Important

CVE-2024-38809

A flaw was found in the Spring Web (org.springframework:spring-web) package. Due to improper ETag prefix validation when the application parses ETags from the `If-Match` or `If-None-Match` request headers, an attacker can trigger a denial of service by sending a maliciously crafted conditional HTTP request.

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE-1333 - Inefficient Regular Expression Complexity

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Red Hat build of Apache Camel 4.4.3 for Spring Boot Red Hat / Red Hat Build of Apache Camel	`cpe:/a:redhat:apache_camel_spring_boot:4.4.3`	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2024-38816

A flaw was found in Spring applications using the WebMvc.fn or WebFlux.fn frameworks. This issue can allow attackers to perform path traversal attacks via crafted HTTP requests when the application serves static resources using RouterFunctions and explicitly configures resource handling with a FileSystemResource location.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Red Hat build of Apache Camel 4.4.3 for Spring Boot Red Hat / Red Hat Build of Apache Camel	`cpe:/a:redhat:apache_camel_spring_boot:4.4.3`	—	Vendor Fix fix Workaround

Threats

Impact Important

CVE-2024-45294

A flaw was found in HAPI FHIR - HL7 FHIR Core Artifacts. eXtensible Stylesheet Language Transformations (XSLT) transforms performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This issue impacts use cases where org.hl7.fhir.core is being used within a host where external clients can submit XML.

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

CWE-611 - Improper Restriction of XML External Entity Reference

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Red Hat build of Apache Camel 4.4.3 for Spring Boot Red Hat / Red Hat Build of Apache Camel	`cpe:/a:redhat:apache_camel_spring_boot:4.4.3`	—	Vendor Fix fix Workaround

Threats

Impact Important

CVE-2024-47561

A vulnerability was found in Apache Avro. The project is affected and at risk if it accepts an org.apache.Avro/avroAvro schema for parsing provided by an end user. This flaw allows an attacker to trigger remote code execution by using the special "java-class" attribute.

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-502 - Deserialization of Untrusted Data

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Red Hat build of Apache Camel 4.4.3 for Spring Boot Red Hat / Red Hat Build of Apache Camel	`cpe:/a:redhat:apache_camel_spring_boot:4.4.3`	—	Vendor Fix fix Workaround

Threats

Impact Critical

References

42 references

URL	Category
https://access.redhat.com/errata/RHSA-2024:8064	self
https://access.redhat.com/security/updates/classi…	external
https://bugzilla.redhat.com/show_bug.cgi?id=2309764	external
https://bugzilla.redhat.com/show_bug.cgi?id=2310447	external
https://bugzilla.redhat.com/show_bug.cgi?id=2312060	external
https://bugzilla.redhat.com/show_bug.cgi?id=2314495	external
https://bugzilla.redhat.com/show_bug.cgi?id=2316116	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2023-52428	self
https://bugzilla.redhat.com/show_bug.cgi?id=2309764	external
https://www.cve.org/CVERecord?id=CVE-2023-52428	external
https://nvd.nist.gov/vuln/detail/CVE-2023-52428	external
https://access.redhat.com/security/cve/CVE-2024-7254	self
https://bugzilla.redhat.com/show_bug.cgi?id=2313454	external
https://www.cve.org/CVERecord?id=CVE-2024-7254	external
https://nvd.nist.gov/vuln/detail/CVE-2024-7254	external
https://github.com/protocolbuffers/protobuf/commi…	external
https://access.redhat.com/security/cve/CVE-2024-38809	self
https://bugzilla.redhat.com/show_bug.cgi?id=2314495	external
https://www.cve.org/CVERecord?id=CVE-2024-38809	external
https://nvd.nist.gov/vuln/detail/CVE-2024-38809	external
http://github.com/spring-projects/spring-framework	external
https://github.com/spring-projects/spring-framewo…	external
https://github.com/spring-projects/spring-framewo…	external
https://github.com/spring-projects/spring-framewo…	external
https://github.com/spring-projects/spring-framewo…	external
https://spring.io/security/cve-2024-38809	external
https://access.redhat.com/security/cve/CVE-2024-38816	self
https://bugzilla.redhat.com/show_bug.cgi?id=2312060	external
https://www.cve.org/CVERecord?id=CVE-2024-38816	external
https://nvd.nist.gov/vuln/detail/CVE-2024-38816	external
https://spring.io/security/cve-2024-38816	external
https://access.redhat.com/security/cve/CVE-2024-45294	self
https://bugzilla.redhat.com/show_bug.cgi?id=2310447	external
https://www.cve.org/CVERecord?id=CVE-2024-45294	external
https://nvd.nist.gov/vuln/detail/CVE-2024-45294	external
https://github.com/hapifhir/org.hl7.fhir.core/rel…	external
https://github.com/hapifhir/org.hl7.fhir.core/sec…	external
https://access.redhat.com/security/cve/CVE-2024-47561	self
https://bugzilla.redhat.com/show_bug.cgi?id=2316116	external
https://www.cve.org/CVERecord?id=CVE-2024-47561	external
https://nvd.nist.gov/vuln/detail/CVE-2024-47561	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Critical"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat build of Apache Camel 4.4.3 for Spring Boot release and security update is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat build of Apache Camel 4.4.3 for Spring Boot release and security update is now available.\n\nThe purpose of this text-only errata is to inform you about the security issues fixed.\n\nSecurity Fix(es):\n\n* org.apache.avro/avro: Schema parsing may trigger Remote Code Execution (RCE) (CVE-2024-47561)\n\n* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service (CVE-2023-52428)\n\n* org.springframework/spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource (CVE-2024-38816)\n\n* ca.uhn.hapi.fhir/org.hl7.fhir.dstu2016may: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)\n\n* ca.uhn.hapi.fhir/org.hl7.fhir.dstu3: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)\n\n* ca.uhn.hapi.fhir/org.hl7.fhir.r4: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)\n\n* ca.uhn.hapi.fhir/org.hl7.fhir.r5: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)\n\n* ca.uhn.hapi.fhir/org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core` (CVE-2024-45294)\n\n* org.springframework/spring-web: Spring Framework DoS via conditional HTTP request (CVE-2024-38809)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:8064",
        "url": "https://access.redhat.com/errata/RHSA-2024:8064"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#critical",
        "url": "https://access.redhat.com/security/updates/classification/#critical"
      },
      {
        "category": "external",
        "summary": "2309764",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
      },
      {
        "category": "external",
        "summary": "2310447",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310447"
      },
      {
        "category": "external",
        "summary": "2312060",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312060"
      },
      {
        "category": "external",
        "summary": "2314495",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2314495"
      },
      {
        "category": "external",
        "summary": "2316116",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316116"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8064.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat Build of Apache Camel 4.4.3 for Spring Boot security update.",
    "tracking": {
      "current_release_date": "2026-06-01T17:19:32+00:00",
      "generator": {
        "date": "2026-06-01T17:19:32+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.1"
        }
      },
      "id": "RHSA-2024:8064",
      "initial_release_date": "2024-10-14T15:53:39+00:00",
      "revision_history": [
        {
          "date": "2024-10-14T15:53:39+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-10-14T15:53:39+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-01T17:19:32+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat build of Apache Camel 4.4.3 for Spring Boot",
                "product": {
                  "name": "Red Hat build of Apache Camel 4.4.3 for Spring Boot",
                  "product_id": "Red Hat build of Apache Camel 4.4.3 for Spring Boot",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:apache_camel_spring_boot:4.4.3"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Build of Apache Camel"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-52428",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2024-09-04T17:02:58.468000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2309764"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in the Nimbus Jose JWT package. By crafting a JWE with an excessively large p2c value, an attacker can trigger significant resource consumption during decryption, potentially leading to application slowdown or unavailability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Apache Camel 4.4.3 for Spring Boot"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-52428"
        },
        {
          "category": "external",
          "summary": "RHBZ#2309764",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52428",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428"
        }
      ],
      "release_date": "2024-02-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-10-14T15:53:39+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.3 for Spring Boot"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:8064"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Apache Camel 4.4.3 for Spring Boot"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service"
    },
    {
      "cve": "CVE-2024-7254",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2024-09-19T01:20:29.981665+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2313454"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Protocol Buffers (protobuf). This issue can allows an attacker to cause a StackOverflow via parsing untrusted Protocol Buffers data containing arbitrarily nested SGROUP tags, leading to unbounded recursion.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "protobuf: StackOverflow vulnerability in Protocol Buffers",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue represents a significant severity risk because unbounded recursion in Protocol Buffers parsing can be exploited to trigger stack overflows, leading to Denial of Service (DoS). When parsers, such as `DiscardUnknownFieldsParser` or the Java Protobuf Lite parser, encounter arbitrarily nested groups or deeply recursive map fields, the lack of recursion depth limits can result in uncontrolled stack growth. Attackers can craft malicious protobuf messages that deliberately exceed the stack\u0027s capacity, causing the application to crash or become unresponsive.\n\nThe protobuf package as shipped in RHEL does not include the affected java or kotlin bindings, therefore RHEL is Not Affected.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Apache Camel 4.4.3 for Spring Boot"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-7254"
        },
        {
          "category": "external",
          "summary": "RHBZ#2313454",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313454"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-7254",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-7254",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7254"
        },
        {
          "category": "external",
          "summary": "https://github.com/protocolbuffers/protobuf/commit/cc8b3483a5584b3301e3d43d17eb59704857ffaa",
          "url": "https://github.com/protocolbuffers/protobuf/commit/cc8b3483a5584b3301e3d43d17eb59704857ffaa"
        }
      ],
      "release_date": "2024-09-19T01:15:10.963000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-10-14T15:53:39+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.3 for Spring Boot"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:8064"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.3 for Spring Boot"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Apache Camel 4.4.3 for Spring Boot"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "protobuf: StackOverflow vulnerability in Protocol Buffers"
    },
    {
      "cve": "CVE-2024-38809",
      "cwe": {
        "id": "CWE-1333",
        "name": "Inefficient Regular Expression Complexity"
      },
      "discovery_date": "2024-09-24T20:00:28.839621+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2314495"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Spring Web (org.springframework:spring-web) package. Due to improper ETag prefix validation when the application parses ETags from the `If-Match` or `If-None-Match` request headers, an attacker can trigger a denial of service by sending a maliciously crafted conditional HTTP request.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "org.springframework:spring-web: Spring Framework DoS via conditional HTTP request",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Apache Camel 4.4.3 for Spring Boot"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-38809"
        },
        {
          "category": "external",
          "summary": "RHBZ#2314495",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2314495"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-38809",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-38809"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38809",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38809"
        },
        {
          "category": "external",
          "summary": "http://github.com/spring-projects/spring-framework",
          "url": "http://github.com/spring-projects/spring-framework"
        },
        {
          "category": "external",
          "summary": "https://github.com/spring-projects/spring-framework/commit/582bfccbb72e5c8959a0b472d1dc7d03a20520f3",
          "url": "https://github.com/spring-projects/spring-framework/commit/582bfccbb72e5c8959a0b472d1dc7d03a20520f3"
        },
        {
          "category": "external",
          "summary": "https://github.com/spring-projects/spring-framework/commit/8d16a50907c11f7e6b407d878a26e84eba08a533",
          "url": "https://github.com/spring-projects/spring-framework/commit/8d16a50907c11f7e6b407d878a26e84eba08a533"
        },
        {
          "category": "external",
          "summary": "https://github.com/spring-projects/spring-framework/commit/bb17ad8314b81850a939fd265fb53b3361705e85",
          "url": "https://github.com/spring-projects/spring-framework/commit/bb17ad8314b81850a939fd265fb53b3361705e85"
        },
        {
          "category": "external",
          "summary": "https://github.com/spring-projects/spring-framework/issues/33372",
          "url": "https://github.com/spring-projects/spring-framework/issues/33372"
        },
        {
          "category": "external",
          "summary": "https://spring.io/security/cve-2024-38809",
          "url": "https://spring.io/security/cve-2024-38809"
        }
      ],
      "release_date": "2024-09-24T18:34:43+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-10-14T15:53:39+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.3 for Spring Boot"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:8064"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.3 for Spring Boot"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Apache Camel 4.4.3 for Spring Boot"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "org.springframework:spring-web: Spring Framework DoS via conditional HTTP request"
    },
    {
      "cve": "CVE-2024-38816",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "discovery_date": "2024-09-13T06:20:08.422867+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2312060"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Spring applications using the WebMvc.fn or WebFlux.fn frameworks. This issue can allow attackers to perform path traversal attacks via crafted HTTP requests when the application serves static resources using RouterFunctions and explicitly configures resource handling with a FileSystemResource location.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Path traversal vulnerabilities in applications that serve static resources via RouterFunctions and FileSystemResource pose a important security risk, as they allow attackers to bypass access controls and retrieve arbitrary files from the server\u0027s filesystem. This type of attack can lead to unauthorized exposure of sensitive data, such as configuration files, environment variables, or authentication credentials. If exploited, it can further facilitate privilege escalation, lateral movement, or remote code execution within the system. Given the broad access it grants to the server\u0027s filesystem, the potential for system compromise makes path traversal vulnerabilities a high-severity issue.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Apache Camel 4.4.3 for Spring Boot"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-38816"
        },
        {
          "category": "external",
          "summary": "RHBZ#2312060",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312060"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-38816",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38816",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38816"
        },
        {
          "category": "external",
          "summary": "https://spring.io/security/cve-2024-38816",
          "url": "https://spring.io/security/cve-2024-38816"
        }
      ],
      "release_date": "2024-09-13T06:15:11.190000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-10-14T15:53:39+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.3 for Spring Boot"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:8064"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.3 for Spring Boot"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Apache Camel 4.4.3 for Spring Boot"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource"
    },
    {
      "cve": "CVE-2024-45294",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "discovery_date": "2024-09-06T16:20:11.403869+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2310447"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in HAPI FHIR - HL7 FHIR Core Artifacts. eXtensible Stylesheet Language Transformations (XSLT) transforms performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This issue impacts use cases where org.hl7.fhir.core is being used within a host where external clients can submit XML.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "org.hl7.fhir.core: org.hl7.fhir.dstu3: org.hl7.fhir.r4: org.hl7.fhir.r4b: org.hl7.fhir.r5: org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core`",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is of significant severity because it allows for XML External Entity (XXE) injection, which can lead to unauthorized access and leakage of sensitive data from the host system. In environments where external clients are permitted to submit XML files, an attacker could craft a malicious XML containing a DTD (Document Type Definition) that references external entities. When processed, this could result in the unauthorized disclosure of files, environmental variables, or other confidential data from the server, potentially compromising the integrity and confidentiality of the system.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Apache Camel 4.4.3 for Spring Boot"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-45294"
        },
        {
          "category": "external",
          "summary": "RHBZ#2310447",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310447"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-45294",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-45294"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45294",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45294"
        },
        {
          "category": "external",
          "summary": "https://github.com/hapifhir/org.hl7.fhir.core/releases/tag/6.3.23",
          "url": "https://github.com/hapifhir/org.hl7.fhir.core/releases/tag/6.3.23"
        },
        {
          "category": "external",
          "summary": "https://github.com/hapifhir/org.hl7.fhir.core/security/advisories/GHSA-6cr6-ph3p-f5rf",
          "url": "https://github.com/hapifhir/org.hl7.fhir.core/security/advisories/GHSA-6cr6-ph3p-f5rf"
        }
      ],
      "release_date": "2024-09-06T16:15:03.300000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-10-14T15:53:39+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.3 for Spring Boot"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:8064"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.3 for Spring Boot"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Apache Camel 4.4.3 for Spring Boot"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "org.hl7.fhir.core: org.hl7.fhir.dstu3: org.hl7.fhir.r4: org.hl7.fhir.r4b: org.hl7.fhir.r5: org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in `org.hl7.fhir.core`"
    },
    {
      "cve": "CVE-2024-47561",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2024-10-02T14:04:06.018000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2316116"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in Apache Avro. The project is affected and at risk if it accepts an org.apache.Avro/avroAvro schema for parsing provided by an end user. This flaw allows an attacker to trigger remote code execution by using the special \"java-class\" attribute.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "apache-avro: Schema parsing may trigger Remote Code Execution (RCE)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The Red Hat build of Apache Camel K 1.10 was rated Important as it allows users to provide an Avro schema for parsing. Note that this functionality is limited to authenticated users.\n\nRed Hat Single Sign-On 7 ships the affected component in its maven repository but does not use it in the product. As such it is affected but not vulnerable to the flaw, and is assessed at Moderate security impact.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Apache Camel 4.4.3 for Spring Boot"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-47561"
        },
        {
          "category": "external",
          "summary": "RHBZ#2316116",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316116"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-47561",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-47561"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47561",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47561"
        }
      ],
      "release_date": "2024-10-03T12:20:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-10-14T15:53:39+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.3 for Spring Boot"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:8064"
        },
        {
          "category": "workaround",
          "details": "1. Avoid parsing user-provided schemas.\n2. Ensure proper input validation and sanitization of schemas before parsing.\n3. Monitor systems for any unusual activities that may indicate exploitation attempts.\n4. Apply the principle of least privilege to minimize the potential impact of successful exploits.",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.3 for Spring Boot"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Apache Camel 4.4.3 for Spring Boot"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "apache-avro: Schema parsing may trigger Remote Code Execution (RCE)"
    }
  ]
}

WID-SEC-W-2024-1853

Vulnerability from csaf_certbund - Published: 2024-08-14 22:00 - Updated: 2026-03-09 23:00

Summary

VMware Tanzu Spring Framework: Mehrere Schwachstellen ermöglichen Denial of Service

Severity

Mittel

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Das Spring Framework bietet ein Entwicklungsmodell für Java mit Infrastrukturunterstützung auf Anwendungsebene.

Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in VMware Tanzu Spring Framework ausnutzen, um einen Denial of Service Angriff durchzuführen.

Betroffene Betriebssysteme: - Sonstiges - UNIX - Windows

CVE-2024-38808

Affected products

Known affected 18 products

Product	Identifier	Version
IBM Business Automation Workflow <21.0.3-IF039 IBM / Business Automation Workflow		<21.0.3-IF039
IBM Operational Decision Manager 9.0.0 IBM / Operational Decision Manager	`cpe:/a:ibm:operational_decision_manager:9.0.0`	9.0.0
IBM Business Automation Workflow <24.0.0-IF004 IBM / Business Automation Workflow		<24.0.0-IF004
VMware Tanzu Spring Framework <5.3.38 VMware Tanzu / Spring Framework		<5.3.38
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IBM SPSS Collaboration and Deployment Services IBM / SPSS	`cpe:/a:ibm:spss:collaboration_and_deployment_services`	Collaboration and Deployment Services
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-`	—
IBM QRadar SIEM <7.5.0 UP10 IF01 IBM / QRadar SIEM		<7.5.0 UP10 IF01
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM Operational Decision Manager 8.12.x IBM / Operational Decision Manager	`cpe:/a:ibm:operational_decision_manager:8.12.x`	8.12.x
Trellix ePolicy Orchestrator <5.10.0 Service pack 1 Update 5 Trellix / ePolicy Orchestrator		<5.10.0 Service pack 1 Update 5
IBM Operational Decision Manager 8.11.x IBM / Operational Decision Manager	`cpe:/a:ibm:operational_decision_manager:8.11.x`	8.11.x
IBM InfoSphere Information Server 11.7 IBM / InfoSphere Information Server	`cpe:/a:ibm:infosphere_information_server:11.7`	11.7
IBM Business Automation Workflow IBM / Business Automation Workflow	`cpe:/a:ibm:business_automation_workflow:-`	—
IBM Security Guardium 12.0 IBM / Security Guardium	`cpe:/a:ibm:security_guardium:12.0`	12
IBM Rational ClearCase IBM	`cpe:/a:ibm:rational_clearcase:-`	—
VMware Tanzu Spring Framework <5.3.39 VMware Tanzu / Spring Framework		<5.3.39
SolarWinds Security Event Manager <2025.4 SolarWinds / Security Event Manager		<2025.4

CVE-2024-38809

Affected products

Known affected 19 products

Product	Identifier	Version
IBM Business Automation Workflow <21.0.3-IF039 IBM / Business Automation Workflow		<21.0.3-IF039
IBM Operational Decision Manager 9.0.0 IBM / Operational Decision Manager	`cpe:/a:ibm:operational_decision_manager:9.0.0`	9.0.0
IBM Business Automation Workflow <24.0.0-IF004 IBM / Business Automation Workflow		<24.0.0-IF004
VMware Tanzu Spring Framework <5.3.38 VMware Tanzu / Spring Framework		<5.3.38
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IBM SPSS Collaboration and Deployment Services IBM / SPSS	`cpe:/a:ibm:spss:collaboration_and_deployment_services`	Collaboration and Deployment Services
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-`	—
IBM QRadar SIEM <7.5.0 UP10 IF01 IBM / QRadar SIEM		<7.5.0 UP10 IF01
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM Operational Decision Manager 8.12.x IBM / Operational Decision Manager	`cpe:/a:ibm:operational_decision_manager:8.12.x`	8.12.x
Trellix ePolicy Orchestrator <5.10.0 Service pack 1 Update 5 Trellix / ePolicy Orchestrator		<5.10.0 Service pack 1 Update 5
IBM Operational Decision Manager 8.11.x IBM / Operational Decision Manager	`cpe:/a:ibm:operational_decision_manager:8.11.x`	8.11.x
IBM InfoSphere Information Server 11.7 IBM / InfoSphere Information Server	`cpe:/a:ibm:infosphere_information_server:11.7`	11.7
IBM Business Automation Workflow IBM / Business Automation Workflow	`cpe:/a:ibm:business_automation_workflow:-`	—
IBM Security Guardium 12.0 IBM / Security Guardium	`cpe:/a:ibm:security_guardium:12.0`	12
IBM Rational ClearCase IBM	`cpe:/a:ibm:rational_clearcase:-`	—
VMware Tanzu Spring Framework <6.1.12 VMware Tanzu / Spring Framework		<6.1.12
VMware Tanzu Spring Framework <6.0.23 VMware Tanzu / Spring Framework		<6.0.23
SolarWinds Security Event Manager <2025.4 SolarWinds / Security Event Manager		<2025.4

References

26 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://spring.io/blog/2024/08/14/spring-framewor…	external
https://spring.io/security/cve-2024-38808	external
https://spring.io/security/cve-2024-38809	external
https://rhn.redhat.com/errata/RHSA-2024:6508.html	external
https://access.redhat.com/errata/RHSA-2024:6508	external
https://security.netapp.com/advisory/ntap-2024092…	external
https://security.netapp.com/advisory/ntap-2024092…	external
https://www.ibm.com/support/pages/node/7172193	external
https://www.ibm.com/support/pages/node/7169825	external
https://www.ibm.com/support/pages/node/7174634	external
https://access.redhat.com/errata/RHSA-2024:8887	external
https://access.redhat.com/errata/RHSA-2024:8886	external
https://access.redhat.com/errata/RHSA-2024:8884	external
https://access.redhat.com/errata/RHSA-2024:8885	external
https://www.ibm.com/support/pages/node/7176911	external
https://www.hitachi.com/products/it/software/secu…	external
https://www.ibm.com/support/pages/node/7180385	external
https://www.ibm.com/support/pages/node/7182811	external
https://www.ibm.com/support/pages/node/7182821	external
https://www.ibm.com/support/pages/node/7185046	external
https://docs.trellix.com/bundle/trellix-epolicy-o…	external
https://www.ibm.com/support/pages/node/7241582	external
https://documentation.solarwinds.com/en/success_c…	external
https://www.ibm.com/support/pages/node/7262527	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Das Spring Framework bietet ein Entwicklungsmodell f\u00fcr Java mit Infrastrukturunterst\u00fctzung auf Anwendungsebene.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in VMware Tanzu Spring Framework ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-1853 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1853.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-1853 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1853"
      },
      {
        "category": "external",
        "summary": "Spring blog vom 2024-08-14",
        "url": "https://spring.io/blog/2024/08/14/spring-framework-releases-fixes-for-cve-2024-38808-and-cve-2024-38809"
      },
      {
        "category": "external",
        "summary": "Spring blog vom 2024-08-14",
        "url": "https://spring.io/security/cve-2024-38808"
      },
      {
        "category": "external",
        "summary": "Spring blog vom 2024-08-14",
        "url": "https://spring.io/security/cve-2024-38809"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:6508 vom 2024-09-10",
        "url": "https://rhn.redhat.com/errata/RHSA-2024:6508.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:6508 vom 2024-09-10",
        "url": "https://access.redhat.com/errata/RHSA-2024:6508"
      },
      {
        "category": "external",
        "summary": "NetApp Security Advisory NTAP-20240920-0002 vom 2024-09-20",
        "url": "https://security.netapp.com/advisory/ntap-20240920-0002/"
      },
      {
        "category": "external",
        "summary": "NetApp Security Advisory NTAP-20240920-0003 vom 2024-09-20",
        "url": "https://security.netapp.com/advisory/ntap-20240920-0003/"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7172193 vom 2024-10-04",
        "url": "https://www.ibm.com/support/pages/node/7172193"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7169825 vom 2024-10-24",
        "url": "https://www.ibm.com/support/pages/node/7169825"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin",
        "url": "https://www.ibm.com/support/pages/node/7174634"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:8887 vom 2024-11-05",
        "url": "https://access.redhat.com/errata/RHSA-2024:8887"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:8886 vom 2024-11-05",
        "url": "https://access.redhat.com/errata/RHSA-2024:8886"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:8884 vom 2024-11-05",
        "url": "https://access.redhat.com/errata/RHSA-2024:8884"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:8885 vom 2024-11-05",
        "url": "https://access.redhat.com/errata/RHSA-2024:8885"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7176911 vom 2024-11-22",
        "url": "https://www.ibm.com/support/pages/node/7176911"
      },
      {
        "category": "external",
        "summary": "Hitachi Vulnerability Information HITACHI-SEC-2024-152 vom 2024-12-17",
        "url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-152/index.html"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7180385 vom 2025-01-07",
        "url": "https://www.ibm.com/support/pages/node/7180385"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7182811 vom 2025-02-07",
        "url": "https://www.ibm.com/support/pages/node/7182811"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7182821 vom 2025-02-07",
        "url": "https://www.ibm.com/support/pages/node/7182821"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7185046 vom 2025-03-28",
        "url": "https://www.ibm.com/support/pages/node/7185046"
      },
      {
        "category": "external",
        "summary": "Trellix Release Notes vom 2025-06-26",
        "url": "https://docs.trellix.com/bundle/trellix-epolicy-orchestrator-on-prem-5.10.0-release-notes/page/UUID-685c97fa-5a21-b2a0-b577-fe9fde79ea73.html"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7241582 vom 2025-08-06",
        "url": "https://www.ibm.com/support/pages/node/7241582"
      },
      {
        "category": "external",
        "summary": "Solarwinds SEM 2025.4 release notes vom 2025-10-14",
        "url": "https://documentation.solarwinds.com/en/success_center/sem/content/release_notes/sem_2025-4_release_notes.htm"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7262527 vom 2026-03-10",
        "url": "https://www.ibm.com/support/pages/node/7262527"
      }
    ],
    "source_lang": "en-US",
    "title": "VMware Tanzu Spring Framework: Mehrere Schwachstellen erm\u00f6glichen Denial of Service",
    "tracking": {
      "current_release_date": "2026-03-09T23:00:00.000+00:00",
      "generator": {
        "date": "2026-03-10T09:31:39.643+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2024-1853",
      "initial_release_date": "2024-08-14T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-08-14T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-09-09T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-09-22T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von NetApp aufgenommen"
        },
        {
          "date": "2024-10-03T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-10-24T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-10-31T23:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-11-05T23:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-11-21T23:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-12-17T23:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von HITACHI aufgenommen"
        },
        {
          "date": "2025-01-07T23:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2025-02-09T23:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von IBM und IBM-APAR aufgenommen"
        },
        {
          "date": "2025-03-30T22:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2025-06-26T22:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates aufgenommen"
        },
        {
          "date": "2025-08-06T22:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2025-10-13T22:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates aufgenommen"
        },
        {
          "date": "2026-03-09T23:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von IBM aufgenommen"
        }
      ],
      "status": "final",
      "version": "16"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Hitachi Ops Center",
            "product": {
              "name": "Hitachi Ops Center",
              "product_id": "T017562",
              "product_identification_helper": {
                "cpe": "cpe:/a:hitachi:ops_center:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Hitachi"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "IBM Business Automation Workflow",
                "product": {
                  "name": "IBM Business Automation Workflow",
                  "product_id": "T019704",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:business_automation_workflow:-"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c24.0.0-IF004",
                "product": {
                  "name": "IBM Business Automation Workflow \u003c24.0.0-IF004",
                  "product_id": "T040915"
                }
              },
              {
                "category": "product_version",
                "name": "24.0.0-IF004",
                "product": {
                  "name": "IBM Business Automation Workflow 24.0.0-IF004",
                  "product_id": "T040915-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:business_automation_workflow:24.0.0-if004"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c21.0.3-IF039",
                "product": {
                  "name": "IBM Business Automation Workflow \u003c21.0.3-IF039",
                  "product_id": "T040916"
                }
              },
              {
                "category": "product_version",
                "name": "21.0.3-IF039",
                "product": {
                  "name": "IBM Business Automation Workflow 21.0.3-IF039",
                  "product_id": "T040916-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:business_automation_workflow:21.0.3-if039"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Business Automation Workflow"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "11.7",
                "product": {
                  "name": "IBM InfoSphere Information Server 11.7",
                  "product_id": "444803",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:infosphere_information_server:11.7"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "InfoSphere Information Server"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "8.11.x",
                "product": {
                  "name": "IBM Operational Decision Manager 8.11.x",
                  "product_id": "T027828",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:operational_decision_manager:8.11.x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.12.x",
                "product": {
                  "name": "IBM Operational Decision Manager 8.12.x",
                  "product_id": "T030120",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:operational_decision_manager:8.12.x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "9.0.0",
                "product": {
                  "name": "IBM Operational Decision Manager 9.0.0",
                  "product_id": "T037718",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:operational_decision_manager:9.0.0"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Operational Decision Manager"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c7.5.0 UP10 IF01",
                "product": {
                  "name": "IBM QRadar SIEM \u003c7.5.0 UP10 IF01",
                  "product_id": "T038741"
                }
              },
              {
                "category": "product_version",
                "name": "7.5.0 UP10 IF01",
                "product": {
                  "name": "IBM QRadar SIEM 7.5.0 UP10 IF01",
                  "product_id": "T038741-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:qradar_siem:7.5.0_up10_if01"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "QRadar SIEM"
          },
          {
            "category": "product_name",
            "name": "IBM Rational ClearCase",
            "product": {
              "name": "IBM Rational ClearCase",
              "product_id": "T004180",
              "product_identification_helper": {
                "cpe": "cpe:/a:ibm:rational_clearcase:-"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "Collaboration and Deployment Services",
                "product": {
                  "name": "IBM SPSS Collaboration and Deployment Services",
                  "product_id": "T037766",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:spss:collaboration_and_deployment_services"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SPSS"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "12",
                "product": {
                  "name": "IBM Security Guardium 12.0",
                  "product_id": "T031092",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:security_guardium:12.0"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Security Guardium"
          }
        ],
        "category": "vendor",
        "name": "IBM"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "NetApp ActiveIQ Unified Manager",
            "product": {
              "name": "NetApp ActiveIQ Unified Manager",
              "product_id": "T016960",
              "product_identification_helper": {
                "cpe": "cpe:/a:netapp:active_iq_unified_manager:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "NetApp"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c2025.4",
                "product": {
                  "name": "SolarWinds Security Event Manager \u003c2025.4",
                  "product_id": "T047576"
                }
              },
              {
                "category": "product_version",
                "name": "2025.4",
                "product": {
                  "name": "SolarWinds Security Event Manager 2025.4",
                  "product_id": "T047576-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:solarwinds:security_event_manager:2025.4"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Security Event Manager"
          }
        ],
        "category": "vendor",
        "name": "SolarWinds"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c5.10.0 Service pack 1 Update 5",
                "product": {
                  "name": "Trellix ePolicy Orchestrator \u003c5.10.0 Service pack 1 Update 5",
                  "product_id": "T044884"
                }
              },
              {
                "category": "product_version",
                "name": "5.10.0 Service pack 1 Update 5",
                "product": {
                  "name": "Trellix ePolicy Orchestrator 5.10.0 Service pack 1 Update 5",
                  "product_id": "T044884-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:trellix:epolicy_orchestrator:5.10.0_service_pack_1_update_5"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "ePolicy Orchestrator"
          }
        ],
        "category": "vendor",
        "name": "Trellix"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c5.3.39",
                "product": {
                  "name": "VMware Tanzu Spring Framework \u003c5.3.39",
                  "product_id": "T036917"
                }
              },
              {
                "category": "product_version",
                "name": "5.3.39",
                "product": {
                  "name": "VMware Tanzu Spring Framework 5.3.39",
                  "product_id": "T036917-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:vmware_tanzu:spring_framework:5.3.39"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c6.1.12",
                "product": {
                  "name": "VMware Tanzu Spring Framework \u003c6.1.12",
                  "product_id": "T036918"
                }
              },
              {
                "category": "product_version",
                "name": "6.1.12",
                "product": {
                  "name": "VMware Tanzu Spring Framework 6.1.12",
                  "product_id": "T036918-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:vmware_tanzu:spring_framework:6.1.12"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c6.0.23",
                "product": {
                  "name": "VMware Tanzu Spring Framework \u003c6.0.23",
                  "product_id": "T036919"
                }
              },
              {
                "category": "product_version",
                "name": "6.0.23",
                "product": {
                  "name": "VMware Tanzu Spring Framework 6.0.23",
                  "product_id": "T036919-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:vmware_tanzu:spring_framework:6.0.23"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c5.3.38",
                "product": {
                  "name": "VMware Tanzu Spring Framework \u003c5.3.38",
                  "product_id": "T036920"
                }
              },
              {
                "category": "product_version",
                "name": "5.3.38",
                "product": {
                  "name": "VMware Tanzu Spring Framework 5.3.38",
                  "product_id": "T036920-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:vmware_tanzu:spring_framework:5.3.38"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Spring Framework"
          }
        ],
        "category": "vendor",
        "name": "VMware Tanzu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-38808",
      "product_status": {
        "known_affected": [
          "T040916",
          "T037718",
          "T040915",
          "T036920",
          "67646",
          "T037766",
          "T016960",
          "T038741",
          "T017562",
          "T030120",
          "T044884",
          "T027828",
          "444803",
          "T019704",
          "T031092",
          "T004180",
          "T036917",
          "T047576"
        ]
      },
      "release_date": "2024-08-14T22:00:00.000+00:00",
      "title": "CVE-2024-38808"
    },
    {
      "cve": "CVE-2024-38809",
      "product_status": {
        "known_affected": [
          "T040916",
          "T037718",
          "T040915",
          "T036920",
          "67646",
          "T037766",
          "T016960",
          "T038741",
          "T017562",
          "T030120",
          "T044884",
          "T027828",
          "444803",
          "T019704",
          "T031092",
          "T004180",
          "T036918",
          "T036919",
          "T047576"
        ]
      },
      "release_date": "2024-08-14T22:00:00.000+00:00",
      "title": "CVE-2024-38809"
    }
  ]
}

WID-SEC-W-2024-3180

Vulnerability from csaf_certbund - Published: 2024-10-14 22:00 - Updated: 2025-11-18 23:00

Summary

Apache Camel und mehrere Red Hat Produkte: Mehrere Schwachstellen

Severity

Hoch

Notes

Produktbeschreibung: Apache Camel ist ein Integrations-Framework, das Enterprise Integration Patterns implementiert. JBoss A-MQ ist eine Messaging-Plattform. JBoss Enterprise Application Platform ist eine skalierbare Plattform für Java-Anwendungen, inklusive JBoss Application Server, JBoss Hibernate und Boss Seam. Red Hat JBoss Data Grid ist eine verteilte In-Memory-Datenbank für den schnellen Zugriff auf große Datenvolumen und Skalierbarkeit.

Angriff: Ein entfernter anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Apache Camel und in mehreren Red Hat-Produkten ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen preiszugeben und beliebigen Code auszuführen.

Betroffene Betriebssysteme: - Linux - UNIX - Windows

CVE-2023-52428

Affected products

Known affected 17 products

Product	Identifier	Version
Red Hat Integration Camel K 1 Red Hat / Integration	`cpe:/a:redhat:integration:camel_k_1`	Camel K 1
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat JBoss A-MQ Red Hat / JBoss A-MQ	`cpe:/a:redhat:jboss_amq:-`	—
Red Hat JBoss Data Grid Red Hat	`cpe:/a:redhat:jboss_data_grid:-`	—
Apache Camel <4.4.3 Apache / Camel		<4.4.3
IBM QRadar SIEM <7.5.0 UP10 IF01 IBM / QRadar SIEM		<7.5.0 UP10 IF01
Red Hat JBoss Enterprise Application Platform Quarkus Red Hat / JBoss Enterprise Application Platform	`cpe:/a:redhat:jboss_enterprise_application_platform:quarkus`	Quarkus
Atlassian Bamboo <10.0.3 Atlassian / Bamboo		<10.0.3
Atlassian Bamboo <9.2.20 Atlassian / Bamboo		<9.2.20
Atlassian Bamboo <9.6.8 Atlassian / Bamboo		<9.6.8
IBM Cognos Analytics <11.2.4 IF4 IBM / Cognos Analytics		<11.2.4 IF4
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM Cognos Analytics <12.0.4 IF2 IBM / Cognos Analytics		<12.0.4 IF2
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Red Hat JBoss A-MQ Streams 2 Red Hat / JBoss A-MQ	`cpe:/a:redhat:jboss_amq:streams_2`	Streams 2
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2024-38809

Affected products

Known affected 17 products

Product	Identifier	Version
Red Hat Integration Camel K 1 Red Hat / Integration	`cpe:/a:redhat:integration:camel_k_1`	Camel K 1
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat JBoss A-MQ Red Hat / JBoss A-MQ	`cpe:/a:redhat:jboss_amq:-`	—
Red Hat JBoss Data Grid Red Hat	`cpe:/a:redhat:jboss_data_grid:-`	—
Apache Camel <4.4.3 Apache / Camel		<4.4.3
IBM QRadar SIEM <7.5.0 UP10 IF01 IBM / QRadar SIEM		<7.5.0 UP10 IF01
Red Hat JBoss Enterprise Application Platform Quarkus Red Hat / JBoss Enterprise Application Platform	`cpe:/a:redhat:jboss_enterprise_application_platform:quarkus`	Quarkus
Atlassian Bamboo <10.0.3 Atlassian / Bamboo		<10.0.3
Atlassian Bamboo <9.2.20 Atlassian / Bamboo		<9.2.20
Atlassian Bamboo <9.6.8 Atlassian / Bamboo		<9.6.8
IBM Cognos Analytics <11.2.4 IF4 IBM / Cognos Analytics		<11.2.4 IF4
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM Cognos Analytics <12.0.4 IF2 IBM / Cognos Analytics		<12.0.4 IF2
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Red Hat JBoss A-MQ Streams 2 Red Hat / JBoss A-MQ	`cpe:/a:redhat:jboss_amq:streams_2`	Streams 2
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2024-38816

Affected products

Known affected 17 products

Product	Identifier	Version
Red Hat Integration Camel K 1 Red Hat / Integration	`cpe:/a:redhat:integration:camel_k_1`	Camel K 1
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat JBoss A-MQ Red Hat / JBoss A-MQ	`cpe:/a:redhat:jboss_amq:-`	—
Red Hat JBoss Data Grid Red Hat	`cpe:/a:redhat:jboss_data_grid:-`	—
Apache Camel <4.4.3 Apache / Camel		<4.4.3
IBM QRadar SIEM <7.5.0 UP10 IF01 IBM / QRadar SIEM		<7.5.0 UP10 IF01
Red Hat JBoss Enterprise Application Platform Quarkus Red Hat / JBoss Enterprise Application Platform	`cpe:/a:redhat:jboss_enterprise_application_platform:quarkus`	Quarkus
Atlassian Bamboo <10.0.3 Atlassian / Bamboo		<10.0.3
Atlassian Bamboo <9.2.20 Atlassian / Bamboo		<9.2.20
Atlassian Bamboo <9.6.8 Atlassian / Bamboo		<9.6.8
IBM Cognos Analytics <11.2.4 IF4 IBM / Cognos Analytics		<11.2.4 IF4
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM Cognos Analytics <12.0.4 IF2 IBM / Cognos Analytics		<12.0.4 IF2
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Red Hat JBoss A-MQ Streams 2 Red Hat / JBoss A-MQ	`cpe:/a:redhat:jboss_amq:streams_2`	Streams 2
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2024-45294

Affected products

Known affected 17 products

Product	Identifier	Version
Red Hat Integration Camel K 1 Red Hat / Integration	`cpe:/a:redhat:integration:camel_k_1`	Camel K 1
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat JBoss A-MQ Red Hat / JBoss A-MQ	`cpe:/a:redhat:jboss_amq:-`	—
Red Hat JBoss Data Grid Red Hat	`cpe:/a:redhat:jboss_data_grid:-`	—
Apache Camel <4.4.3 Apache / Camel		<4.4.3
IBM QRadar SIEM <7.5.0 UP10 IF01 IBM / QRadar SIEM		<7.5.0 UP10 IF01
Red Hat JBoss Enterprise Application Platform Quarkus Red Hat / JBoss Enterprise Application Platform	`cpe:/a:redhat:jboss_enterprise_application_platform:quarkus`	Quarkus
Atlassian Bamboo <10.0.3 Atlassian / Bamboo		<10.0.3
Atlassian Bamboo <9.2.20 Atlassian / Bamboo		<9.2.20
Atlassian Bamboo <9.6.8 Atlassian / Bamboo		<9.6.8
IBM Cognos Analytics <11.2.4 IF4 IBM / Cognos Analytics		<11.2.4 IF4
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM Cognos Analytics <12.0.4 IF2 IBM / Cognos Analytics		<12.0.4 IF2
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Red Hat JBoss A-MQ Streams 2 Red Hat / JBoss A-MQ	`cpe:/a:redhat:jboss_amq:streams_2`	Streams 2
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2024-47561

Affected products

Known affected 20 products

Product	Identifier	Version
Red Hat Integration Camel K 1 Red Hat / Integration	`cpe:/a:redhat:integration:camel_k_1`	Camel K 1
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat JBoss A-MQ Red Hat / JBoss A-MQ	`cpe:/a:redhat:jboss_amq:-`	—
Atlassian Jira Data Center and Server <9.12.15 (LTS) Atlassian / Jira		Data Center and Server <9.12.15 (LTS)
Red Hat JBoss Data Grid Red Hat	`cpe:/a:redhat:jboss_data_grid:-`	—
Apache Camel <4.4.3 Apache / Camel		<4.4.3
IBM QRadar SIEM <7.5.0 UP10 IF01 IBM / QRadar SIEM		<7.5.0 UP10 IF01
Red Hat JBoss Enterprise Application Platform Quarkus Red Hat / JBoss Enterprise Application Platform	`cpe:/a:redhat:jboss_enterprise_application_platform:quarkus`	Quarkus
Atlassian Bamboo <10.0.3 Atlassian / Bamboo		<10.0.3
Atlassian Bamboo <9.2.20 Atlassian / Bamboo		<9.2.20
Atlassian Bamboo <9.6.8 Atlassian / Bamboo		<9.6.8
IBM Cognos Analytics <11.2.4 IF4 IBM / Cognos Analytics		<11.2.4 IF4
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
Atlassian Jira Data Center and Server <10.3.1 Atlassian / Jira		Data Center and Server <10.3.1
IBM Cognos Analytics <12.0.4 IF2 IBM / Cognos Analytics		<12.0.4 IF2
Atlassian Jira Data Center and Server <9.17.5 Atlassian / Jira		Data Center and Server <9.17.5
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Red Hat JBoss A-MQ Streams 2 Red Hat / JBoss A-MQ	`cpe:/a:redhat:jboss_amq:streams_2`	Streams 2
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

References

15 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://access.redhat.com/errata/RHSA-2024:8064	external
https://access.redhat.com/errata/RHSA-2024:8339	external
https://www.ibm.com/support/pages/node/7174634	external
https://access.redhat.com/errata/RHSA-2024:8824	external
https://access.redhat.com/errata/RHSA-2024:8823	external
https://access.redhat.com/errata/RHSA-2024:8826	external
https://confluence.atlassian.com/pages/viewpage.a…	external
https://access.redhat.com/errata/RHSA-2024:11023	external
https://confluence.atlassian.com/security/securit…	external
https://www.ibm.com/support/pages/node/7183676	external
https://access.redhat.com/errata/RHSA-2025:2416	external
https://www.ibm.com/support/pages/node/7248128	external
https://confluence.atlassian.com/security/securit…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Apache Camel ist ein Integrations-Framework, das Enterprise Integration Patterns implementiert.\r\nJBoss A-MQ ist eine Messaging-Plattform.\r\nJBoss Enterprise Application Platform ist eine skalierbare Plattform f\u00fcr Java-Anwendungen, inklusive JBoss Application Server, JBoss Hibernate und Boss Seam.\r\nRed Hat JBoss Data Grid ist eine verteilte In-Memory-Datenbank f\u00fcr den schnellen Zugriff auf gro\u00dfe Datenvolumen und Skalierbarkeit.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Apache Camel und in mehreren Red Hat-Produkten ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen preiszugeben und beliebigen Code auszuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-3180 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3180.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-3180 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3180"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory vom 2024-10-14",
        "url": "https://access.redhat.com/errata/RHSA-2024:8064"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:8339 vom 2024-10-22",
        "url": "https://access.redhat.com/errata/RHSA-2024:8339"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin",
        "url": "https://www.ibm.com/support/pages/node/7174634"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:8824 vom 2024-11-04",
        "url": "https://access.redhat.com/errata/RHSA-2024:8824"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:8823 vom 2024-11-04",
        "url": "https://access.redhat.com/errata/RHSA-2024:8823"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:8826 vom 2024-11-04",
        "url": "https://access.redhat.com/errata/RHSA-2024:8826"
      },
      {
        "category": "external",
        "summary": "Atlassian November 2024 Security Bulletin vom 2024-11-19",
        "url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1456179091"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:11023 vom 2024-12-12",
        "url": "https://access.redhat.com/errata/RHSA-2024:11023"
      },
      {
        "category": "external",
        "summary": "Atlassian Security Advisory JSWSERVER-26273 vom 2025-01-21",
        "url": "https://confluence.atlassian.com/security/security-bulletin-january-21-2025-1489803942.html"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7183676 vom 2025-02-27",
        "url": "https://www.ibm.com/support/pages/node/7183676"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:2416 vom 2025-03-05",
        "url": "https://access.redhat.com/errata/RHSA-2025:2416"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7248128 vom 2025-10-16",
        "url": "https://www.ibm.com/support/pages/node/7248128"
      },
      {
        "category": "external",
        "summary": "Atlassian Security Bulletin - November 18 2025",
        "url": "https://confluence.atlassian.com/security/security-bulletin-november-18-2025-1671463469.html"
      }
    ],
    "source_lang": "en-US",
    "title": "Apache Camel und mehrere Red Hat Produkte: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-11-18T23:00:00.000+00:00",
      "generator": {
        "date": "2025-11-19T09:42:53.264+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2024-3180",
      "initial_release_date": "2024-10-14T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-10-14T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-10-22T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-10-31T23:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-11-04T23:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-11-19T23:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates aufgenommen"
        },
        {
          "date": "2024-12-12T23:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-01-21T23:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von Atlassian aufgenommen"
        },
        {
          "date": "2025-02-27T23:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2025-03-05T23:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-03-20T23:00:00.000+00:00",
          "number": "10",
          "summary": "Produktzuordnung Atlassian Jira korrigiert"
        },
        {
          "date": "2025-10-16T22:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2025-11-18T23:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates aufgenommen"
        }
      ],
      "status": "final",
      "version": "12"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c4.4.3",
                "product": {
                  "name": "Apache Camel \u003c4.4.3",
                  "product_id": "T038353"
                }
              },
              {
                "category": "product_version",
                "name": "4.4.3",
                "product": {
                  "name": "Apache Camel 4.4.3",
                  "product_id": "T038353-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:apache:camel:4.4.3"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Camel"
          }
        ],
        "category": "vendor",
        "name": "Apache"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c10.0.3",
                "product": {
                  "name": "Atlassian Bamboo \u003c10.0.3",
                  "product_id": "T039274"
                }
              },
              {
                "category": "product_version",
                "name": "10.0.3",
                "product": {
                  "name": "Atlassian Bamboo 10.0.3",
                  "product_id": "T039274-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:atlassian:bamboo:10.0.3"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c9.6.8",
                "product": {
                  "name": "Atlassian Bamboo \u003c9.6.8",
                  "product_id": "T039275"
                }
              },
              {
                "category": "product_version",
                "name": "9.6.8",
                "product": {
                  "name": "Atlassian Bamboo 9.6.8",
                  "product_id": "T039275-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:atlassian:bamboo:9.6.8"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c9.2.20",
                "product": {
                  "name": "Atlassian Bamboo \u003c9.2.20",
                  "product_id": "T039276"
                }
              },
              {
                "category": "product_version",
                "name": "9.2.20",
                "product": {
                  "name": "Atlassian Bamboo 9.2.20",
                  "product_id": "T039276-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:atlassian:bamboo:9.2.20"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Bamboo"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c10.0.2",
                "product": {
                  "name": "Atlassian Bitbucket \u003c10.0.2",
                  "product_id": "T048675"
                }
              },
              {
                "category": "product_version",
                "name": "10.0.2",
                "product": {
                  "name": "Atlassian Bitbucket 10.0.2",
                  "product_id": "T048675-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:atlassian:bitbucket:10.0.2"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c8.19.25 (LTS)",
                "product": {
                  "name": "Atlassian Bitbucket \u003c8.19.25 (LTS)",
                  "product_id": "T048676"
                }
              },
              {
                "category": "product_version",
                "name": "8.19.25 (LTS)",
                "product": {
                  "name": "Atlassian Bitbucket 8.19.25 (LTS)",
                  "product_id": "T048676-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:atlassian:bitbucket:8.19.25_%28lts%29"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c9.4.13 (LTS)",
                "product": {
                  "name": "Atlassian Bitbucket \u003c9.4.13 (LTS)",
                  "product_id": "T048677"
                }
              },
              {
                "category": "product_version",
                "name": "9.4.13 (LTS)",
                "product": {
                  "name": "Atlassian Bitbucket 9.4.13 (LTS)",
                  "product_id": "T048677-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:atlassian:bitbucket:9.4.13_%28lts%29"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Bitbucket"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "Data Center and Server \u003c9.17.5",
                "product": {
                  "name": "Atlassian Jira Data Center and Server \u003c9.17.5",
                  "product_id": "T040542"
                }
              },
              {
                "category": "product_version",
                "name": "Data Center and Server 9.17.5",
                "product": {
                  "name": "Atlassian Jira Data Center and Server 9.17.5",
                  "product_id": "T040542-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:atlassian:jira:data_center_and_server__9.17.5"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Data Center and Server \u003c10.3.1",
                "product": {
                  "name": "Atlassian Jira Data Center and Server \u003c10.3.1",
                  "product_id": "T042108"
                }
              },
              {
                "category": "product_version",
                "name": "Data Center and Server 10.3.1",
                "product": {
                  "name": "Atlassian Jira Data Center and Server 10.3.1",
                  "product_id": "T042108-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:atlassian:jira:data_center_and_server__10.3.1"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Data Center and Server \u003c9.12.15 (LTS)",
                "product": {
                  "name": "Atlassian Jira Data Center and Server \u003c9.12.15 (LTS)",
                  "product_id": "T042109"
                }
              },
              {
                "category": "product_version",
                "name": "Data Center and Server 9.12.15 (LTS)",
                "product": {
                  "name": "Atlassian Jira Data Center and Server 9.12.15 (LTS)",
                  "product_id": "T042109-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:atlassian:jira:data_center_and_server__9.12.15_%2528lts%2529"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Jira"
          }
        ],
        "category": "vendor",
        "name": "Atlassian"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c12.0.4 IF2",
                "product": {
                  "name": "IBM Cognos Analytics \u003c12.0.4 IF2",
                  "product_id": "T041469"
                }
              },
              {
                "category": "product_version",
                "name": "12.0.4 IF2",
                "product": {
                  "name": "IBM Cognos Analytics 12.0.4 IF2",
                  "product_id": "T041469-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:cognos_analytics:12.0.4_if2"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c11.2.4 IF4",
                "product": {
                  "name": "IBM Cognos Analytics \u003c11.2.4 IF4",
                  "product_id": "T041470"
                }
              },
              {
                "category": "product_version",
                "name": "11.2.4 IF4",
                "product": {
                  "name": "IBM Cognos Analytics 11.2.4 IF4",
                  "product_id": "T041470-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:cognos_analytics:11.2.4_if4"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Cognos Analytics"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "IBM QRadar SIEM",
                "product": {
                  "name": "IBM QRadar SIEM",
                  "product_id": "T021415",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:qradar_siem:-"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c7.5.0 UP10 IF01",
                "product": {
                  "name": "IBM QRadar SIEM \u003c7.5.0 UP10 IF01",
                  "product_id": "T038741"
                }
              },
              {
                "category": "product_version",
                "name": "7.5.0 UP10 IF01",
                "product": {
                  "name": "IBM QRadar SIEM 7.5.0 UP10 IF01",
                  "product_id": "T038741-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:qradar_siem:7.5.0_up10_if01"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "QRadar SIEM"
          }
        ],
        "category": "vendor",
        "name": "IBM"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "Camel K 1",
                "product": {
                  "name": "Red Hat Integration Camel K 1",
                  "product_id": "T031972",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:integration:camel_k_1"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Integration"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss A-MQ",
                "product": {
                  "name": "Red Hat JBoss A-MQ",
                  "product_id": "T038357",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_amq:-"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Streams 2",
                "product": {
                  "name": "Red Hat JBoss A-MQ Streams 2",
                  "product_id": "T041596",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_amq:streams_2"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "JBoss A-MQ"
          },
          {
            "category": "product_name",
            "name": "Red Hat JBoss Data Grid",
            "product": {
              "name": "Red Hat JBoss Data Grid",
              "product_id": "T038358",
              "product_identification_helper": {
                "cpe": "cpe:/a:redhat:jboss_data_grid:-"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "Quarkus",
                "product": {
                  "name": "Red Hat JBoss Enterprise Application Platform Quarkus",
                  "product_id": "T038356",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:quarkus"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "JBoss Enterprise Application Platform"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-52428",
      "product_status": {
        "known_affected": [
          "T031972",
          "67646",
          "T038357",
          "T038358",
          "T038353",
          "T038741",
          "T038356",
          "T039274",
          "T039276",
          "T039275",
          "T041470",
          "T021415",
          "T041469",
          "T048677",
          "T041596",
          "T048676",
          "T048675"
        ]
      },
      "release_date": "2024-10-14T22:00:00.000+00:00",
      "title": "CVE-2023-52428"
    },
    {
      "cve": "CVE-2024-38809",
      "product_status": {
        "known_affected": [
          "T031972",
          "67646",
          "T038357",
          "T038358",
          "T038353",
          "T038741",
          "T038356",
          "T039274",
          "T039276",
          "T039275",
          "T041470",
          "T021415",
          "T041469",
          "T048677",
          "T041596",
          "T048676",
          "T048675"
        ]
      },
      "release_date": "2024-10-14T22:00:00.000+00:00",
      "title": "CVE-2024-38809"
    },
    {
      "cve": "CVE-2024-38816",
      "product_status": {
        "known_affected": [
          "T031972",
          "67646",
          "T038357",
          "T038358",
          "T038353",
          "T038741",
          "T038356",
          "T039274",
          "T039276",
          "T039275",
          "T041470",
          "T021415",
          "T041469",
          "T048677",
          "T041596",
          "T048676",
          "T048675"
        ]
      },
      "release_date": "2024-10-14T22:00:00.000+00:00",
      "title": "CVE-2024-38816"
    },
    {
      "cve": "CVE-2024-45294",
      "product_status": {
        "known_affected": [
          "T031972",
          "67646",
          "T038357",
          "T038358",
          "T038353",
          "T038741",
          "T038356",
          "T039274",
          "T039276",
          "T039275",
          "T041470",
          "T021415",
          "T041469",
          "T048677",
          "T041596",
          "T048676",
          "T048675"
        ]
      },
      "release_date": "2024-10-14T22:00:00.000+00:00",
      "title": "CVE-2024-45294"
    },
    {
      "cve": "CVE-2024-47561",
      "product_status": {
        "known_affected": [
          "T031972",
          "67646",
          "T038357",
          "T042109",
          "T038358",
          "T038353",
          "T038741",
          "T038356",
          "T039274",
          "T039276",
          "T039275",
          "T041470",
          "T021415",
          "T042108",
          "T041469",
          "T040542",
          "T048677",
          "T041596",
          "T048676",
          "T048675"
        ]
      },
      "release_date": "2024-10-14T22:00:00.000+00:00",
      "title": "CVE-2024-47561"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-38809 (GCVE-0-2024-38809)

GHSA-2RMJ-MQ67-H97G

Description

Affected Spring Products and Versions

Mitigation

NCSC-2024-0418

NCSC-2025-0021

NCSC-2025-0028

RHSA-2024:8064

WID-SEC-W-2024-1853

WID-SEC-W-2024-3180

Tags

Sightings

Nomenclature