Vulnerability-Lookup

CVE-2024-45490 (GCVE-0-2024-45490)

Vulnerability from cvelistv5 – Published: 2024-08-30 00:00 – Updated: 2026-05-12 11:57

Summary

An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer.

Severity

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

SSVC

Exploitation: none Automatable: yes Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

n/a
CWE-190 - Integer Overflow or Wraparound

Assigner

mitre

References

11 references

URL	Tags
https://github.com/libexpat/libexpat/pull/890
https://github.com/libexpat/libexpat/issues/887
https://security.netapp.com/advisory/ntap-2024101…
http://seclists.org/fulldisclosure/2024/Dec/12
http://seclists.org/fulldisclosure/2024/Dec/10
http://seclists.org/fulldisclosure/2024/Dec/8
http://seclists.org/fulldisclosure/2024/Dec/7
http://seclists.org/fulldisclosure/2024/Dec/6
https://lists.debian.org/debian-lts-announce/2024…
https://cert-portal.siemens.com/productcert/html/…
https://cert-portal.siemens.com/productcert/html/…

Impacted products

7 products

Vendor	Product	Version
libexpat_project	libexpat	Affected: 0 , < 2.6.3 (custom) cpe:2.3:a:libexpat_project:libexpat::::::::
Siemens	RUGGEDCOM RST2428P	Affected: 0 , < V3.1 (custom)
Siemens	SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family	Unaffected: 0 , < * (custom)
Siemens	SCALANCE XCM-/XRM-/XCH-/XRH-300 family	Affected: 0 , < V3.1 (custom)
Siemens	SIMATIC S7-1500 CPU 1518-4 PN/DP MFP	Affected: V3.1.5 , < * (custom)
Siemens	SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP	Affected: V3.1.5 , < * (custom)
Siemens	SIPLUS S7-1500 CPU 1518-4 PN/DP MFP	Affected: V3.1.5 , < * (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "libexpat",
            "vendor": "libexpat_project",
            "versions": [
              {
                "lessThan": "2.6.3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-45490",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-30T18:17:03.200505Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-190",
                "description": "CWE-190 Integer Overflow or Wraparound",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-14T19:07:39.114Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T16:15:47.407Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://security.netapp.com/advisory/ntap-20241018-0004/"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2024/Dec/12"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2024/Dec/10"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2024/Dec/8"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2024/Dec/7"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2024/Dec/6"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00036.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "defaultStatus": "unknown",
            "product": "RUGGEDCOM RST2428P",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "V3.1",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "defaultStatus": "unknown",
            "product": "SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "defaultStatus": "unknown",
            "product": "SCALANCE XCM-/XRM-/XCH-/XRH-300 family",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "V3.1",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "defaultStatus": "unknown",
            "product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "V3.1.5",
                "versionType": "custom"
              }
            ]
          },
          {
            "defaultStatus": "unknown",
            "product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "V3.1.5",
                "versionType": "custom"
              }
            ]
          },
          {
            "defaultStatus": "unknown",
            "product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "V3.1.5",
                "versionType": "custom"
              }
            ]
          },
          {
            "defaultStatus": "unknown",
            "product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "V3.1.5",
                "versionType": "custom"
              }
            ]
          },
          {
            "defaultStatus": "unknown",
            "product": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "V3.1.5",
                "versionType": "custom"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-12T11:57:31.663Z",
          "orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
          "shortName": "siemens-SADP"
        },
        "references": [
          {
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
          },
          {
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-613116.html"
          }
        ],
        "x_adpType": "supplier"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-30T02:10:04.584Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/libexpat/libexpat/pull/890"
        },
        {
          "url": "https://github.com/libexpat/libexpat/issues/887"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2024-45490",
    "datePublished": "2024-08-30T00:00:00.000Z",
    "dateReserved": "2024-08-30T00:00:00.000Z",
    "dateUpdated": "2026-05-12T11:57:31.663Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2024-45490",
      "date": "2026-06-02",
      "epss": "0.00613",
      "percentile": "0.70179"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-45490\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2024-08-30T03:15:03.757\",\"lastModified\":\"2026-05-12T12:17:10.563\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer.\"},{\"lang\":\"es\",\"value\":\"Se descubri\u00f3 un problema en libexpat anterior a 2.6.3. xmlparse.c no rechaza una longitud negativa para XML_ParseBuffer.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-611\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-190\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.6.3\",\"matchCriteriaId\":\"FDDF6E7A-AF1C-4370-B0B0-29A35C454FFB\"}]}]}],\"references\":[{\"url\":\"https://github.com/libexpat/libexpat/issues/887\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/libexpat/libexpat/pull/890\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://seclists.org/fulldisclosure/2024/Dec/10\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://seclists.org/fulldisclosure/2024/Dec/12\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://seclists.org/fulldisclosure/2024/Dec/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://seclists.org/fulldisclosure/2024/Dec/7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://seclists.org/fulldisclosure/2024/Dec/8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/09/msg00036.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20241018-0004/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-082556.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-613116.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://security.netapp.com/advisory/ntap-20241018-0004/\"}, {\"url\": \"http://seclists.org/fulldisclosure/2024/Dec/12\"}, {\"url\": \"http://seclists.org/fulldisclosure/2024/Dec/10\"}, {\"url\": \"http://seclists.org/fulldisclosure/2024/Dec/8\"}, {\"url\": \"http://seclists.org/fulldisclosure/2024/Dec/7\"}, {\"url\": \"http://seclists.org/fulldisclosure/2024/Dec/6\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/09/msg00036.html\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-04T16:15:47.407Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-45490\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-08-30T18:17:03.200505Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*\"], \"vendor\": \"libexpat_project\", \"product\": \"libexpat\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"2.6.3\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-190\", \"description\": \"CWE-190 Integer Overflow or Wraparound\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-30T18:18:26.447Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://github.com/libexpat/libexpat/pull/890\"}, {\"url\": \"https://github.com/libexpat/libexpat/issues/887\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2024-08-30T02:10:04.584Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-45490\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-04T16:15:47.407Z\", \"dateReserved\": \"2024-08-30T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2024-08-30T00:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

NCSC-2025-0027

Vulnerability from csaf_ncscnl - Published: 2025-01-22 13:36 - Updated: 2025-01-22 13:36

Summary

Kwetsbaarheden verholpen in Oracle Fusion Middleware

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten: Oracle heeft meerdere kwetsbaarheden verholpen in zijn producten, waaronder Oracle Fusion Middleware, Oracle WebLogic Server, en Oracle HTTP Server.

Interpretaties: De kwetsbaarheden bevinden zich in verschillende Oracle producten, waaronder Oracle WebLogic Server versies 12.2.1.4.0 en 14.1.1.0.0, die het mogelijk maken voor ongeauthenticeerde kwaadwillenden om toegang te krijgen tot kritieke gegevens. Dit kan leiden tot ernstige gevolgen voor de vertrouwelijkheid, integriteit en beschikbaarheid van de systemen. De kwetsbaarheid in Oracle HTTP Server versie 12.2.1.4.0 stelt kwaadwillenden in staat om ongeautoriseerde toegang te verkrijgen, met een CVSS-score van 5.3, terwijl de kwetsbaarheid in WebLogic Server een CVSS-score van 9.8 heeft, wat wijst op een kritieke impact. Kwaadwillenden kunnen ook gebruik maken van kwetsbaarheden in Oracle Fusion Middleware en andere producten om Denial-of-Service (DoS) aanvallen uit te voeren.

Oplossingen: Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans: medium

Schade: high

CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

CWE-35: Path Traversal: '.../...//'

CWE-1395: Dependency on Vulnerable Third-Party Component

CWE-130: Improper Handling of Length Parameter Inconsistency

CWE-755: Improper Handling of Exceptional Conditions

CWE-732: Incorrect Permission Assignment for Critical Resource

CWE-116: Improper Encoding or Escaping of Output

CWE-190: Integer Overflow or Wraparound

CWE-532: Insertion of Sensitive Information into Log File

CWE-798: Use of Hard-coded Credentials

CWE-125: Out-of-bounds Read

CWE-284: Improper Access Control

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-295: Improper Certificate Validation

CWE-400: Uncontrolled Resource Consumption

CWE-502: Deserialization of Untrusted Data

CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-611: Improper Restriction of XML External Entity Reference

CWE-787: Out-of-bounds Write

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CWE-122: Heap-based Buffer Overflow

CWE-121: Stack-based Buffer Overflow

CWE-20: Improper Input Validation

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2019-12415

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE-611 - Improper Restriction of XML External Entity Reference

Affected products

Known affected 19 products

Product	Identifier	Version
webcenter_portal oracle	`cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:::::::*`	—
webcenter_portal oracle	`cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:::::::*`	—
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:-:::::::*`	—
business_process_management_suite oracle	`cpe:2.3:a:oracle:business_process_management_suite:12.2.1.4.0:::::::*`	—
http_server oracle	`cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*`	—
identity_manager oracle	`cpe:2.3:a:oracle:identity_manager:12.2.1.4.0:::::::*`	—
managed_file_transfer oracle	`cpe:2.3:a:oracle:managed_file_transfer:12.2.1.4.0:::::::*`	—
middleware_common_libraries_and_tools oracle	`cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.4.0:::::::*`	—
outside_in_technology oracle	`cpe:2.3:a:oracle:outside_in_technology:8.5.6:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::*`	—
middleware_common_libraries_and_tools oracle	`cpe:2.3:a:oracle:middleware_common_libraries_and_tools:14.1.1.0.0:::::::*`	—
fusion_middleware_mapviewer oracle	`cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.4.0:::::::*`	—
business_activity_monitoring__bam_ oracle	`cpe:2.3:a:oracle:business_activity_monitoring__bam_:12.2.1.3.0:::::::*`	—
business_activity_monitoring__bam_ oracle	`cpe:2.3:a:oracle:business_activity_monitoring__bam_:12.2.1.4.0:::::::*`	—
business_process_management_suite oracle	`cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:::::::*`	—
http_server oracle	`cpe:2.3:a:oracle:http_server:12.2.1.3.0:::::::*`	—
middleware_common_libraries_and_tools oracle	`cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.3.0:::::::*`	—

CVE-2023-7272

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE-787 - Out-of-bounds Write

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::*`	—

CVE-2023-38709

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-113 - Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')

Affected products

Known affected 9 products

Product	Identifier	Version
business_activity_monitoring oracle	`cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:::::::*`	—
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—
http_server oracle	`cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*`	—
identity_manager oracle	`cpe:2.3:a:oracle:identity_manager:12.2.1.4.0:::::::*`	—
middleware_common_libraries_and_tools oracle	`cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.4.0:::::::*`	—
outside_in_technology oracle	`cpe:2.3:a:oracle:outside_in_technology:8.5.7:::::::*`	—
webcenter_portal oracle	`cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::*`	—

CVE-2023-39410

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-502 - Deserialization of Untrusted Data

Affected products

Known affected 10 products

Product	Identifier	Version
outside_in_technology oracle	`cpe:2.3:a:oracle:outside_in_technology:8.5.6:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*`	—
business_process_management_suite oracle	`cpe:2.3:a:oracle:business_process_management_suite:12.2.1.4.0:::::::*`	—
http_server oracle	`cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*`	—
webcenter_portal oracle	`cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:::::::*`	—
middleware_common_libraries_and_tools oracle	`cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.4.0:::::::*`	—
managed_file_transfer oracle	`cpe:2.3:a:oracle:managed_file_transfer:12.2.1.4.0:::::::*`	—
identity_manager oracle	`cpe:2.3:a:oracle:identity_manager:12.2.1.4.0:::::::*`	—
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—

CVE-2023-44483

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE-532 - Insertion of Sensitive Information into Log File

Affected products

Known affected 15 products

Product	Identifier	Version
outside_in_technology oracle	`cpe:2.3:a:oracle:outside_in_technology:8.5.6:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*`	—
business_process_management_suite oracle	`cpe:2.3:a:oracle:business_process_management_suite:12.2.1.4.0:::::::*`	—
http_server oracle	`cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*`	—
webcenter_portal oracle	`cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:::::::*`	—
middleware_common_libraries_and_tools oracle	`cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.4.0:::::::*`	—
managed_file_transfer oracle	`cpe:2.3:a:oracle:managed_file_transfer:12.2.1.4.0:::::::*`	—
identity_manager oracle	`cpe:2.3:a:oracle:identity_manager:12.2.1.4.0:::::::*`	—
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—
middleware_common_libraries_and_tools oracle	`cpe:2.3:a:oracle:middleware_common_libraries_and_tools:14.1.1.0.0:::::::*`	—
fusion_middleware_mapviewer oracle	`cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.4.0:::::::*`	—
outside_in_technology oracle	`cpe:2.3:a:oracle:outside_in_technology:8.5.7:::::::*`	—
http_server oracle	`cpe:2.3:a:oracle:http_server:14.1.1.0.0:::::::*`	—
business_activity_monitoring oracle	`cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:::::::*`	—

CVE-2023-49582

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE-732 - Incorrect Permission Assignment for Critical Resource

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
http_server oracle	`cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*`	—

CVE-2023-51775

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 18 products

Product	Identifier	Version
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:11.1.1.5.0:::::::*`	—
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.3.0:::::::*`	—
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:8.5.7:::::::*`	—
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:14.1.1.0.0:::::::*`	—
outside_in_technology oracle	`cpe:2.3:a:oracle:outside_in_technology:8.5.6:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*`	—
http_server oracle	`cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*`	—
webcenter_portal oracle	`cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:::::::*`	—
middleware_common_libraries_and_tools oracle	`cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.4.0:::::::*`	—
middleware_common_libraries_and_tools oracle	`cpe:2.3:a:oracle:middleware_common_libraries_and_tools:14.1.1.0.0:::::::*`	—
managed_file_transfer oracle	`cpe:2.3:a:oracle:managed_file_transfer:12.2.1.4.0:::::::*`	—
identity_manager oracle	`cpe:2.3:a:oracle:identity_manager:12.2.1.4.0:::::::*`	—
fusion_middleware_mapviewer oracle	`cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.4.0:::::::*`	—
outside_in_technology oracle	`cpe:2.3:a:oracle:outside_in_technology:8.5.7:::::::*`	—
http_server oracle	`cpe:2.3:a:oracle:http_server:14.1.1.0.0:::::::*`	—
business_activity_monitoring oracle	`cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:::::::*`	—
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—

CVE-2024-5535

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
http_server oracle	`cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*`	—

CVE-2024-6119

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
http_server oracle	`cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*`	—

CVE-2024-8096

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-295 - Improper Certificate Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
http_server oracle	`cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*`	—

CVE-2024-23635

6.1 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected products

Known affected 14 products

Product	Identifier	Version
outside_in_technology oracle	`cpe:2.3:a:oracle:outside_in_technology:8.5.6:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*`	—
http_server oracle	`cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*`	—
webcenter_portal oracle	`cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:::::::*`	—
middleware_common_libraries_and_tools oracle	`cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.4.0:::::::*`	—
middleware_common_libraries_and_tools oracle	`cpe:2.3:a:oracle:middleware_common_libraries_and_tools:14.1.1.0.0:::::::*`	—
managed_file_transfer oracle	`cpe:2.3:a:oracle:managed_file_transfer:12.2.1.4.0:::::::*`	—
identity_manager oracle	`cpe:2.3:a:oracle:identity_manager:12.2.1.4.0:::::::*`	—
fusion_middleware_mapviewer oracle	`cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.4.0:::::::*`	—
outside_in_technology oracle	`cpe:2.3:a:oracle:outside_in_technology:8.5.7:::::::*`	—
http_server oracle	`cpe:2.3:a:oracle:http_server:14.1.1.0.0:::::::*`	—
business_activity_monitoring oracle	`cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:::::::*`	—
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—

CVE-2024-29857

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 12 products

Product	Identifier	Version
business_activity_monitoring oracle	`cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:::::::*`	—
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—
http_server oracle	`cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*`	—
identity_manager oracle	`cpe:2.3:a:oracle:identity_manager:12.2.1.4.0:::::::*`	—
middleware_common_libraries_and_tools oracle	`cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.4.0:::::::*`	—
outside_in_technology oracle	`cpe:2.3:a:oracle:outside_in_technology:8.5.7:::::::*`	—
webcenter_portal oracle	`cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::*`	—
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.19.0:::::::*`	—
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:8.5.7:::::::*`	—
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:14.1.1.0.0:::::::*`	—

CVE-2024-30171

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-208 - Observable Timing Discrepancy

Affected products

Known affected 9 products

Product	Identifier	Version
business_activity_monitoring oracle	`cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:::::::*`	—
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—
http_server oracle	`cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*`	—
identity_manager oracle	`cpe:2.3:a:oracle:identity_manager:12.2.1.4.0:::::::*`	—
middleware_common_libraries_and_tools oracle	`cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.4.0:::::::*`	—
outside_in_technology oracle	`cpe:2.3:a:oracle:outside_in_technology:8.5.7:::::::*`	—
webcenter_portal oracle	`cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::*`	—

CVE-2024-30172

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Affected products

Known affected 9 products

Product	Identifier	Version
business_activity_monitoring oracle	`cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:::::::*`	—
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—
http_server oracle	`cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*`	—
identity_manager oracle	`cpe:2.3:a:oracle:identity_manager:12.2.1.4.0:::::::*`	—
middleware_common_libraries_and_tools oracle	`cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.4.0:::::::*`	—
outside_in_technology oracle	`cpe:2.3:a:oracle:outside_in_technology:8.5.7:::::::*`	—
webcenter_portal oracle	`cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::*`	—

CVE-2024-34447

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-706 - Use of Incorrectly-Resolved Name or Reference

Affected products

Known affected 9 products

Product	Identifier	Version
business_activity_monitoring oracle	`cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:::::::*`	—
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—
http_server oracle	`cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*`	—
identity_manager oracle	`cpe:2.3:a:oracle:identity_manager:12.2.1.4.0:::::::*`	—
middleware_common_libraries_and_tools oracle	`cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.4.0:::::::*`	—
outside_in_technology oracle	`cpe:2.3:a:oracle:outside_in_technology:8.5.7:::::::*`	—
webcenter_portal oracle	`cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::*`	—

CVE-2024-34750

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-755 - Improper Handling of Exceptional Conditions

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
managed_file_transfer oracle	`cpe:2.3:a:oracle:managed_file_transfer:12.2.1.4.0:::::::*`	—

CVE-2024-37370

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

CWE-130 - Improper Handling of Length Parameter Inconsistency

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
security_service oracle	`cpe:2.3:a:oracle:security_service:12.2.1.4.0:::::::*`	—

CVE-2024-37371

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

CWE-130 - Improper Handling of Length Parameter Inconsistency

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
security_service oracle	`cpe:2.3:a:oracle:security_service:12.2.1.4.0:::::::*`	—

CVE-2024-38473

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-172 - Encoding Error

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
http_server oracle	`cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*`	—

CVE-2024-38475

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-284 - Improper Access Control

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
http_server oracle	`cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*`	—

CVE-2024-38816

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
middleware_common_libraries_and_tools oracle	`cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.4.0:::::::*`	—
identity_manager oracle	`cpe:2.3:a:oracle:identity_manager:12.2.1.4.0:::::::*`	—

CVE-2024-38819

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
middleware_common_libraries_and_tools oracle	`cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.4.0:::::::*`	—
identity_manager oracle	`cpe:2.3:a:oracle:identity_manager:12.2.1.4.0:::::::*`	—

CVE-2024-38998

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Affected products

Known affected 4 products

Product	Identifier	Version
business_activity_monitoring oracle	`cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:::::::*`	—
business_process_management_suite oracle	`cpe:2.3:a:oracle:business_process_management_suite:12.2.1.4.0:::::::*`	—
fusion_middleware_mapviewer oracle	`cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.4.0:::::::*`	—
webcenter_portal oracle	`cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:::::::*`	—

CVE-2024-38999

10.0 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Affected products

Known affected 9 products

Product	Identifier	Version
business_process_management_suite oracle	`cpe:2.3:a:oracle:business_process_management_suite:12.2.1.4.0:::::::*`	—
business_activity_monitoring oracle	`cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:::::::*`	—
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:11.1.1.5.0:::::::*`	—
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.3.0:::::::*`	—
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:8.5.7:::::::*`	—
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:14.1.1.0.0:::::::*`	—
fusion_middleware_mapviewer oracle	`cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.4.0:::::::*`	—
webcenter_portal oracle	`cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:::::::*`	—

CVE-2024-40898

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-918 - Server-Side Request Forgery (SSRF)

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
http_server oracle	`cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*`	—

CVE-2024-45490

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
outside_in_technology oracle	`cpe:2.3:a:oracle:outside_in_technology:8.5.7:::::::*`	—
http_server oracle	`cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*`	—

CVE-2024-45491

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
outside_in_technology oracle	`cpe:2.3:a:oracle:outside_in_technology:8.5.7:::::::*`	—
http_server oracle	`cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*`	—

CVE-2024-45492

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Known affected 7 products

Product	Identifier	Version
outside_in_technology oracle	`cpe:2.3:a:oracle:outside_in_technology:8.5.7:::::::*`	—
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:11.1.1.5.0:::::::*`	—
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.3.0:::::::*`	—
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:8.5.7:::::::*`	—
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:14.1.1.0.0:::::::*`	—
http_server oracle	`cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*`	—

CVE-2024-47072

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-121 - Stack-based Buffer Overflow

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
business_activity_monitoring oracle	`cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:::::::*`	—

CVE-2024-47554

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 4 products

Product	Identifier	Version
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:14.1.2.0.0:::::::*`	—
webcenter_portal oracle	`cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*`	—

CVE-2024-47561

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-502 - Deserialization of Untrusted Data

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
business_process_management_suite oracle	`cpe:2.3:a:oracle:business_process_management_suite:12.2.1.4.0:::::::*`	—

CVE-2025-21498

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
http_server oracle	`cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*`	—

CVE-2025-21535

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::*`	—

CVE-2025-21549

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::*`	—

References

35 references

URL	Category
https://www.oracle.com/security-alerts/cpujan2025.html	external
https://api.ncsc.nl/velma/v1/vulnerabilities/2019…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Oracle heeft meerdere kwetsbaarheden verholpen in zijn producten, waaronder Oracle Fusion Middleware, Oracle WebLogic Server, en Oracle HTTP Server.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "De kwetsbaarheden bevinden zich in verschillende Oracle producten, waaronder Oracle WebLogic Server versies 12.2.1.4.0 en 14.1.1.0.0, die het mogelijk maken voor ongeauthenticeerde kwaadwillenden om toegang te krijgen tot kritieke gegevens. Dit kan leiden tot ernstige gevolgen voor de vertrouwelijkheid, integriteit en beschikbaarheid van de systemen. De kwetsbaarheid in Oracle HTTP Server versie 12.2.1.4.0 stelt kwaadwillenden in staat om ongeautoriseerde toegang te verkrijgen, met een CVSS-score van 5.3, terwijl de kwetsbaarheid in WebLogic Server een CVSS-score van 9.8 heeft, wat wijst op een kritieke impact. Kwaadwillenden kunnen ook gebruik maken van kwetsbaarheden in Oracle Fusion Middleware en andere producten om Denial-of-Service (DoS) aanvallen uit te voeren.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)",
        "title": "CWE-338"
      },
      {
        "category": "general",
        "text": "Path Traversal: \u0027.../...//\u0027",
        "title": "CWE-35"
      },
      {
        "category": "general",
        "text": "Dependency on Vulnerable Third-Party Component",
        "title": "CWE-1395"
      },
      {
        "category": "general",
        "text": "Improper Handling of Length Parameter Inconsistency",
        "title": "CWE-130"
      },
      {
        "category": "general",
        "text": "Improper Handling of Exceptional Conditions",
        "title": "CWE-755"
      },
      {
        "category": "general",
        "text": "Incorrect Permission Assignment for Critical Resource",
        "title": "CWE-732"
      },
      {
        "category": "general",
        "text": "Improper Encoding or Escaping of Output",
        "title": "CWE-116"
      },
      {
        "category": "general",
        "text": "Integer Overflow or Wraparound",
        "title": "CWE-190"
      },
      {
        "category": "general",
        "text": "Insertion of Sensitive Information into Log File",
        "title": "CWE-532"
      },
      {
        "category": "general",
        "text": "Use of Hard-coded Credentials",
        "title": "CWE-798"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Read",
        "title": "CWE-125"
      },
      {
        "category": "general",
        "text": "Improper Access Control",
        "title": "CWE-284"
      },
      {
        "category": "general",
        "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
        "title": "CWE-119"
      },
      {
        "category": "general",
        "text": "Improper Certificate Validation",
        "title": "CWE-295"
      },
      {
        "category": "general",
        "text": "Uncontrolled Resource Consumption",
        "title": "CWE-400"
      },
      {
        "category": "general",
        "text": "Deserialization of Untrusted Data",
        "title": "CWE-502"
      },
      {
        "category": "general",
        "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
        "title": "CWE-22"
      },
      {
        "category": "general",
        "text": "Improper Restriction of XML External Entity Reference",
        "title": "CWE-611"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Write",
        "title": "CWE-787"
      },
      {
        "category": "general",
        "text": "Exposure of Sensitive Information to an Unauthorized Actor",
        "title": "CWE-200"
      },
      {
        "category": "general",
        "text": "Heap-based Buffer Overflow",
        "title": "CWE-122"
      },
      {
        "category": "general",
        "text": "Stack-based Buffer Overflow",
        "title": "CWE-121"
      },
      {
        "category": "general",
        "text": "Improper Input Validation",
        "title": "CWE-20"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
        "title": "CWE-79"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference - cveprojectv5; nvd; oracle",
        "url": "https://www.oracle.com/security-alerts/cpujan2025.html"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Oracle Fusion Middleware",
    "tracking": {
      "current_release_date": "2025-01-22T13:36:27.908718Z",
      "id": "NCSC-2025-0027",
      "initial_release_date": "2025-01-22T13:36:27.908718Z",
      "revision_history": [
        {
          "date": "2025-01-22T13:36:27.908718Z",
          "number": "0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "http_server",
            "product": {
              "name": "http_server",
              "product_id": "CSAFPID-93909",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "http_server",
            "product": {
              "name": "http_server",
              "product_id": "CSAFPID-40303",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "http_server",
            "product": {
              "name": "http_server",
              "product_id": "CSAFPID-912074",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:http_server:14.1.1.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "fusion_middleware_mapviewer",
            "product": {
              "name": "fusion_middleware_mapviewer",
              "product_id": "CSAFPID-226018",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "fusion_middleware",
            "product": {
              "name": "fusion_middleware",
              "product_id": "CSAFPID-1646487",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:fusion_middleware:-:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "fusion_middleware",
            "product": {
              "name": "fusion_middleware",
              "product_id": "CSAFPID-332789",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:fusion_middleware:11.1.1.5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "fusion_middleware",
            "product": {
              "name": "fusion_middleware",
              "product_id": "CSAFPID-1747074",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:fusion_middleware:12.2.1.19.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "fusion_middleware",
            "product": {
              "name": "fusion_middleware",
              "product_id": "CSAFPID-342815",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:fusion_middleware:12.2.1.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "fusion_middleware",
            "product": {
              "name": "fusion_middleware",
              "product_id": "CSAFPID-271904",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "fusion_middleware",
            "product": {
              "name": "fusion_middleware",
              "product_id": "CSAFPID-503474",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:fusion_middleware:14.1.1.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "fusion_middleware",
            "product": {
              "name": "fusion_middleware",
              "product_id": "CSAFPID-1674670",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:fusion_middleware:8.5.7:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "weblogic_server",
            "product": {
              "name": "weblogic_server",
              "product_id": "CSAFPID-3661",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "weblogic_server",
            "product": {
              "name": "weblogic_server",
              "product_id": "CSAFPID-3660",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "weblogic_server",
            "product": {
              "name": "weblogic_server",
              "product_id": "CSAFPID-1973",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "weblogic_server",
            "product": {
              "name": "weblogic_server",
              "product_id": "CSAFPID-1751293",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:weblogic_server:14.1.2.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "security_service",
            "product": {
              "name": "security_service",
              "product_id": "CSAFPID-199820",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:security_service:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_activity_monitoring",
            "product": {
              "name": "business_activity_monitoring",
              "product_id": "CSAFPID-228157",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_activity_monitoring__bam_",
            "product": {
              "name": "business_activity_monitoring__bam_",
              "product_id": "CSAFPID-764927",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_activity_monitoring__bam_:12.2.1.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_activity_monitoring__bam_",
            "product": {
              "name": "business_activity_monitoring__bam_",
              "product_id": "CSAFPID-764928",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_activity_monitoring__bam_:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "identity_manager",
            "product": {
              "name": "identity_manager",
              "product_id": "CSAFPID-220164",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:identity_manager:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "managed_file_transfer",
            "product": {
              "name": "managed_file_transfer",
              "product_id": "CSAFPID-204581",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:managed_file_transfer:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "middleware_common_libraries_and_tools",
            "product": {
              "name": "middleware_common_libraries_and_tools",
              "product_id": "CSAFPID-94398",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "middleware_common_libraries_and_tools",
            "product": {
              "name": "middleware_common_libraries_and_tools",
              "product_id": "CSAFPID-94309",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "middleware_common_libraries_and_tools",
            "product": {
              "name": "middleware_common_libraries_and_tools",
              "product_id": "CSAFPID-94393",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:middleware_common_libraries_and_tools:14.1.1.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_process_management_suite",
            "product": {
              "name": "business_process_management_suite",
              "product_id": "CSAFPID-9043",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_process_management_suite",
            "product": {
              "name": "business_process_management_suite",
              "product_id": "CSAFPID-9642",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_process_management_suite:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "outside_in_technology",
            "product": {
              "name": "outside_in_technology",
              "product_id": "CSAFPID-1260",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:outside_in_technology:8.5.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "outside_in_technology",
            "product": {
              "name": "outside_in_technology",
              "product_id": "CSAFPID-912053",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:outside_in_technology:8.5.7:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "webcenter_portal",
            "product": {
              "name": "webcenter_portal",
              "product_id": "CSAFPID-135359",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "webcenter_portal",
            "product": {
              "name": "webcenter_portal",
              "product_id": "CSAFPID-45194",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "oracle"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2019-12415",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of XML External Entity Reference",
          "title": "CWE-611"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-45194",
          "CSAFPID-135359",
          "CSAFPID-1646487",
          "CSAFPID-9642",
          "CSAFPID-40303",
          "CSAFPID-220164",
          "CSAFPID-204581",
          "CSAFPID-94309",
          "CSAFPID-1260",
          "CSAFPID-3661",
          "CSAFPID-3660",
          "CSAFPID-1973",
          "CSAFPID-94393",
          "CSAFPID-226018",
          "CSAFPID-764927",
          "CSAFPID-764928",
          "CSAFPID-9043",
          "CSAFPID-93909",
          "CSAFPID-94398"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2019-12415",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2019/CVE-2019-12415.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-45194",
            "CSAFPID-135359",
            "CSAFPID-1646487",
            "CSAFPID-9642",
            "CSAFPID-40303",
            "CSAFPID-220164",
            "CSAFPID-204581",
            "CSAFPID-94309",
            "CSAFPID-1260",
            "CSAFPID-3661",
            "CSAFPID-3660",
            "CSAFPID-1973",
            "CSAFPID-94393",
            "CSAFPID-226018",
            "CSAFPID-764927",
            "CSAFPID-764928",
            "CSAFPID-9043",
            "CSAFPID-93909",
            "CSAFPID-94398"
          ]
        }
      ],
      "title": "CVE-2019-12415"
    },
    {
      "cve": "CVE-2023-7272",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-3660",
          "CSAFPID-1973"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-7272",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-7272.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-3660",
            "CSAFPID-1973"
          ]
        }
      ],
      "title": "CVE-2023-7272"
    },
    {
      "cve": "CVE-2023-38709",
      "cwe": {
        "id": "CWE-113",
        "name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)",
          "title": "CWE-113"
        },
        {
          "category": "other",
          "text": "Improper Validation of Specified Quantity in Input",
          "title": "CWE-1284"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-228157",
          "CSAFPID-271904",
          "CSAFPID-40303",
          "CSAFPID-220164",
          "CSAFPID-94309",
          "CSAFPID-912053",
          "CSAFPID-45194",
          "CSAFPID-3660",
          "CSAFPID-1973"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-38709",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-38709.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-228157",
            "CSAFPID-271904",
            "CSAFPID-40303",
            "CSAFPID-220164",
            "CSAFPID-94309",
            "CSAFPID-912053",
            "CSAFPID-45194",
            "CSAFPID-3660",
            "CSAFPID-1973"
          ]
        }
      ],
      "title": "CVE-2023-38709"
    },
    {
      "cve": "CVE-2023-39410",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1260",
          "CSAFPID-1973",
          "CSAFPID-3660",
          "CSAFPID-9642",
          "CSAFPID-40303",
          "CSAFPID-45194",
          "CSAFPID-94309",
          "CSAFPID-204581",
          "CSAFPID-220164",
          "CSAFPID-271904"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-39410",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-39410.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1260",
            "CSAFPID-1973",
            "CSAFPID-3660",
            "CSAFPID-9642",
            "CSAFPID-40303",
            "CSAFPID-45194",
            "CSAFPID-94309",
            "CSAFPID-204581",
            "CSAFPID-220164",
            "CSAFPID-271904"
          ]
        }
      ],
      "title": "CVE-2023-39410"
    },
    {
      "cve": "CVE-2023-44483",
      "cwe": {
        "id": "CWE-532",
        "name": "Insertion of Sensitive Information into Log File"
      },
      "notes": [
        {
          "category": "other",
          "text": "Insertion of Sensitive Information into Log File",
          "title": "CWE-532"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1260",
          "CSAFPID-1973",
          "CSAFPID-3660",
          "CSAFPID-9642",
          "CSAFPID-40303",
          "CSAFPID-45194",
          "CSAFPID-94309",
          "CSAFPID-204581",
          "CSAFPID-220164",
          "CSAFPID-271904",
          "CSAFPID-94393",
          "CSAFPID-226018",
          "CSAFPID-912053",
          "CSAFPID-912074",
          "CSAFPID-228157"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-44483",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44483.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1260",
            "CSAFPID-1973",
            "CSAFPID-3660",
            "CSAFPID-9642",
            "CSAFPID-40303",
            "CSAFPID-45194",
            "CSAFPID-94309",
            "CSAFPID-204581",
            "CSAFPID-220164",
            "CSAFPID-271904",
            "CSAFPID-94393",
            "CSAFPID-226018",
            "CSAFPID-912053",
            "CSAFPID-912074",
            "CSAFPID-228157"
          ]
        }
      ],
      "title": "CVE-2023-44483"
    },
    {
      "cve": "CVE-2023-49582",
      "cwe": {
        "id": "CWE-732",
        "name": "Incorrect Permission Assignment for Critical Resource"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incorrect Permission Assignment for Critical Resource",
          "title": "CWE-732"
        },
        {
          "category": "other",
          "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
          "title": "CWE-119"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-40303"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-49582",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-49582.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-40303"
          ]
        }
      ],
      "title": "CVE-2023-49582"
    },
    {
      "cve": "CVE-2023-51775",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-332789",
          "CSAFPID-342815",
          "CSAFPID-1674670",
          "CSAFPID-503474",
          "CSAFPID-1260",
          "CSAFPID-1973",
          "CSAFPID-3660",
          "CSAFPID-40303",
          "CSAFPID-45194",
          "CSAFPID-94309",
          "CSAFPID-94393",
          "CSAFPID-204581",
          "CSAFPID-220164",
          "CSAFPID-226018",
          "CSAFPID-912053",
          "CSAFPID-912074",
          "CSAFPID-228157",
          "CSAFPID-271904"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-51775",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51775.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-332789",
            "CSAFPID-342815",
            "CSAFPID-1674670",
            "CSAFPID-503474",
            "CSAFPID-1260",
            "CSAFPID-1973",
            "CSAFPID-3660",
            "CSAFPID-40303",
            "CSAFPID-45194",
            "CSAFPID-94309",
            "CSAFPID-94393",
            "CSAFPID-204581",
            "CSAFPID-220164",
            "CSAFPID-226018",
            "CSAFPID-912053",
            "CSAFPID-912074",
            "CSAFPID-228157",
            "CSAFPID-271904"
          ]
        }
      ],
      "title": "CVE-2023-51775"
    },
    {
      "cve": "CVE-2024-5535",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        },
        {
          "category": "other",
          "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
          "title": "CWE-119"
        },
        {
          "category": "other",
          "text": "Dependency on Vulnerable Third-Party Component",
          "title": "CWE-1395"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-40303"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-5535",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5535.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-40303"
          ]
        }
      ],
      "title": "CVE-2024-5535"
    },
    {
      "cve": "CVE-2024-6119",
      "cwe": {
        "id": "CWE-843",
        "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
          "title": "CWE-843"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-40303"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-6119",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6119.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-40303"
          ]
        }
      ],
      "title": "CVE-2024-6119"
    },
    {
      "cve": "CVE-2024-8096",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Certificate Validation",
          "title": "CWE-295"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-40303"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-8096",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-8096.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-40303"
          ]
        }
      ],
      "title": "CVE-2024-8096"
    },
    {
      "cve": "CVE-2024-23635",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1260",
          "CSAFPID-1973",
          "CSAFPID-3660",
          "CSAFPID-40303",
          "CSAFPID-45194",
          "CSAFPID-94309",
          "CSAFPID-94393",
          "CSAFPID-204581",
          "CSAFPID-220164",
          "CSAFPID-226018",
          "CSAFPID-912053",
          "CSAFPID-912074",
          "CSAFPID-228157",
          "CSAFPID-271904"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-23635",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23635.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1260",
            "CSAFPID-1973",
            "CSAFPID-3660",
            "CSAFPID-40303",
            "CSAFPID-45194",
            "CSAFPID-94309",
            "CSAFPID-94393",
            "CSAFPID-204581",
            "CSAFPID-220164",
            "CSAFPID-226018",
            "CSAFPID-912053",
            "CSAFPID-912074",
            "CSAFPID-228157",
            "CSAFPID-271904"
          ]
        }
      ],
      "title": "CVE-2024-23635"
    },
    {
      "cve": "CVE-2024-29857",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-228157",
          "CSAFPID-271904",
          "CSAFPID-40303",
          "CSAFPID-220164",
          "CSAFPID-94309",
          "CSAFPID-912053",
          "CSAFPID-45194",
          "CSAFPID-3660",
          "CSAFPID-1973",
          "CSAFPID-1747074",
          "CSAFPID-1674670",
          "CSAFPID-503474"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-29857",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29857.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-228157",
            "CSAFPID-271904",
            "CSAFPID-40303",
            "CSAFPID-220164",
            "CSAFPID-94309",
            "CSAFPID-912053",
            "CSAFPID-45194",
            "CSAFPID-3660",
            "CSAFPID-1973",
            "CSAFPID-1747074",
            "CSAFPID-1674670",
            "CSAFPID-503474"
          ]
        }
      ],
      "title": "CVE-2024-29857"
    },
    {
      "cve": "CVE-2024-30171",
      "cwe": {
        "id": "CWE-208",
        "name": "Observable Timing Discrepancy"
      },
      "notes": [
        {
          "category": "other",
          "text": "Observable Timing Discrepancy",
          "title": "CWE-208"
        },
        {
          "category": "other",
          "text": "Observable Discrepancy",
          "title": "CWE-203"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-228157",
          "CSAFPID-271904",
          "CSAFPID-40303",
          "CSAFPID-220164",
          "CSAFPID-94309",
          "CSAFPID-912053",
          "CSAFPID-45194",
          "CSAFPID-3660",
          "CSAFPID-1973"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-30171",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-30171.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-228157",
            "CSAFPID-271904",
            "CSAFPID-40303",
            "CSAFPID-220164",
            "CSAFPID-94309",
            "CSAFPID-912053",
            "CSAFPID-45194",
            "CSAFPID-3660",
            "CSAFPID-1973"
          ]
        }
      ],
      "title": "CVE-2024-30171"
    },
    {
      "cve": "CVE-2024-30172",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
          "title": "CWE-835"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-228157",
          "CSAFPID-271904",
          "CSAFPID-40303",
          "CSAFPID-220164",
          "CSAFPID-94309",
          "CSAFPID-912053",
          "CSAFPID-45194",
          "CSAFPID-3660",
          "CSAFPID-1973"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-30172",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-30172.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-228157",
            "CSAFPID-271904",
            "CSAFPID-40303",
            "CSAFPID-220164",
            "CSAFPID-94309",
            "CSAFPID-912053",
            "CSAFPID-45194",
            "CSAFPID-3660",
            "CSAFPID-1973"
          ]
        }
      ],
      "title": "CVE-2024-30172"
    },
    {
      "cve": "CVE-2024-34447",
      "cwe": {
        "id": "CWE-706",
        "name": "Use of Incorrectly-Resolved Name or Reference"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use of Incorrectly-Resolved Name or Reference",
          "title": "CWE-706"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-228157",
          "CSAFPID-271904",
          "CSAFPID-40303",
          "CSAFPID-220164",
          "CSAFPID-94309",
          "CSAFPID-912053",
          "CSAFPID-45194",
          "CSAFPID-3660",
          "CSAFPID-1973"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-34447",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34447.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-228157",
            "CSAFPID-271904",
            "CSAFPID-40303",
            "CSAFPID-220164",
            "CSAFPID-94309",
            "CSAFPID-912053",
            "CSAFPID-45194",
            "CSAFPID-3660",
            "CSAFPID-1973"
          ]
        }
      ],
      "title": "CVE-2024-34447"
    },
    {
      "cve": "CVE-2024-34750",
      "cwe": {
        "id": "CWE-755",
        "name": "Improper Handling of Exceptional Conditions"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Handling of Exceptional Conditions",
          "title": "CWE-755"
        },
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-204581"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-34750",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34750.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-204581"
          ]
        }
      ],
      "title": "CVE-2024-34750"
    },
    {
      "cve": "CVE-2024-37370",
      "cwe": {
        "id": "CWE-130",
        "name": "Improper Handling of Length Parameter Inconsistency"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Handling of Length Parameter Inconsistency",
          "title": "CWE-130"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-199820"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-37370",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37370.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-199820"
          ]
        }
      ],
      "title": "CVE-2024-37370"
    },
    {
      "cve": "CVE-2024-37371",
      "cwe": {
        "id": "CWE-130",
        "name": "Improper Handling of Length Parameter Inconsistency"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Handling of Length Parameter Inconsistency",
          "title": "CWE-130"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-199820"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-37371",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37371.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-199820"
          ]
        }
      ],
      "title": "CVE-2024-37371"
    },
    {
      "cve": "CVE-2024-38473",
      "cwe": {
        "id": "CWE-172",
        "name": "Encoding Error"
      },
      "notes": [
        {
          "category": "other",
          "text": "Encoding Error",
          "title": "CWE-172"
        },
        {
          "category": "other",
          "text": "Improper Encoding or Escaping of Output",
          "title": "CWE-116"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-40303"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38473",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38473.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-40303"
          ]
        }
      ],
      "title": "CVE-2024-38473"
    },
    {
      "cve": "CVE-2024-38475",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Access Control",
          "title": "CWE-284"
        },
        {
          "category": "other",
          "text": "Improper Encoding or Escaping of Output",
          "title": "CWE-116"
        },
        {
          "category": "other",
          "text": "Path Traversal: \u0027.../...//\u0027",
          "title": "CWE-35"
        },
        {
          "category": "other",
          "text": "Stack-based Buffer Overflow",
          "title": "CWE-121"
        },
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        },
        {
          "category": "other",
          "text": "Use of Hard-coded Credentials",
          "title": "CWE-798"
        },
        {
          "category": "other",
          "text": "Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)",
          "title": "CWE-338"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-40303"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38475",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38475.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-40303"
          ]
        }
      ],
      "title": "CVE-2024-38475"
    },
    {
      "cve": "CVE-2024-38816",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
          "title": "CWE-22"
        },
        {
          "category": "other",
          "text": "Relative Path Traversal",
          "title": "CWE-23"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-94309",
          "CSAFPID-220164"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38816",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38816.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-94309",
            "CSAFPID-220164"
          ]
        }
      ],
      "title": "CVE-2024-38816"
    },
    {
      "cve": "CVE-2024-38819",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
          "title": "CWE-22"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-94309",
          "CSAFPID-220164"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38819",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38819.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-94309",
            "CSAFPID-220164"
          ]
        }
      ],
      "title": "CVE-2024-38819"
    },
    {
      "cve": "CVE-2024-38998",
      "cwe": {
        "id": "CWE-1321",
        "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
          "title": "CWE-1321"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-228157",
          "CSAFPID-9642",
          "CSAFPID-226018",
          "CSAFPID-45194"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38998",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38998.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-228157",
            "CSAFPID-9642",
            "CSAFPID-226018",
            "CSAFPID-45194"
          ]
        }
      ],
      "title": "CVE-2024-38998"
    },
    {
      "cve": "CVE-2024-38999",
      "cwe": {
        "id": "CWE-1321",
        "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
          "title": "CWE-1321"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9642",
          "CSAFPID-228157",
          "CSAFPID-332789",
          "CSAFPID-342815",
          "CSAFPID-271904",
          "CSAFPID-1674670",
          "CSAFPID-503474",
          "CSAFPID-226018",
          "CSAFPID-45194"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38999",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38999.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 10.0,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9642",
            "CSAFPID-228157",
            "CSAFPID-332789",
            "CSAFPID-342815",
            "CSAFPID-271904",
            "CSAFPID-1674670",
            "CSAFPID-503474",
            "CSAFPID-226018",
            "CSAFPID-45194"
          ]
        }
      ],
      "title": "CVE-2024-38999"
    },
    {
      "cve": "CVE-2024-40898",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Server-Side Request Forgery (SSRF)",
          "title": "CWE-918"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-40303"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-40898",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40898.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-40303"
          ]
        }
      ],
      "title": "CVE-2024-40898"
    },
    {
      "cve": "CVE-2024-45490",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        },
        {
          "category": "other",
          "text": "Incorrect Calculation of Buffer Size",
          "title": "CWE-131"
        },
        {
          "category": "other",
          "text": "Improper Restriction of XML External Entity Reference",
          "title": "CWE-611"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-912053",
          "CSAFPID-40303"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45490",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45490.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-912053",
            "CSAFPID-40303"
          ]
        }
      ],
      "title": "CVE-2024-45490"
    },
    {
      "cve": "CVE-2024-45491",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-912053",
          "CSAFPID-40303"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45491",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45491.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-912053",
            "CSAFPID-40303"
          ]
        }
      ],
      "title": "CVE-2024-45491"
    },
    {
      "cve": "CVE-2024-45492",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-912053",
          "CSAFPID-332789",
          "CSAFPID-342815",
          "CSAFPID-271904",
          "CSAFPID-1674670",
          "CSAFPID-503474",
          "CSAFPID-40303"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45492",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45492.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-912053",
            "CSAFPID-332789",
            "CSAFPID-342815",
            "CSAFPID-271904",
            "CSAFPID-1674670",
            "CSAFPID-503474",
            "CSAFPID-40303"
          ]
        }
      ],
      "title": "CVE-2024-45492"
    },
    {
      "cve": "CVE-2024-47072",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Stack-based Buffer Overflow",
          "title": "CWE-121"
        },
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-228157"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-47072",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47072.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-228157"
          ]
        }
      ],
      "title": "CVE-2024-47072"
    },
    {
      "cve": "CVE-2024-47554",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1751293",
          "CSAFPID-45194",
          "CSAFPID-1973",
          "CSAFPID-3660"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-47554",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47554.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1751293",
            "CSAFPID-45194",
            "CSAFPID-1973",
            "CSAFPID-3660"
          ]
        }
      ],
      "title": "CVE-2024-47554"
    },
    {
      "cve": "CVE-2024-47561",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9642"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-47561",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47561.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9642"
          ]
        }
      ],
      "title": "CVE-2024-47561"
    },
    {
      "cve": "CVE-2025-21498",
      "product_status": {
        "known_affected": [
          "CSAFPID-40303"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-21498",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21498.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-40303"
          ]
        }
      ],
      "title": "CVE-2025-21498"
    },
    {
      "cve": "CVE-2025-21535",
      "product_status": {
        "known_affected": [
          "CSAFPID-3660",
          "CSAFPID-1973"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-21535",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21535.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-3660",
            "CSAFPID-1973"
          ]
        }
      ],
      "title": "CVE-2025-21535"
    },
    {
      "cve": "CVE-2025-21549",
      "product_status": {
        "known_affected": [
          "CSAFPID-1973"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-21549",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21549.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1973"
          ]
        }
      ],
      "title": "CVE-2025-21549"
    }
  ]
}

NCSC-2025-0187

Vulnerability from csaf_ncscnl - Published: 2025-06-10 13:11 - Updated: 2025-06-10 13:11

Summary

Kwetsbaarheden verholpen in Siemens producten

Notes

Feiten: Siemens heeft kwetsbaarheden verholpen in diverse producten als RUGGEDCOM, SCALANCE, SIMATIC en Tecnomatix

Interpretaties: De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade: - Denial-of-Service (DoS) - Manipulatie van gegevens - Omzeilen van een beveiligingsmaatregel - Omzeilen van authenticatie - (Remote) code execution (root/admin rechten) - (Remote) code execution (Gebruikersrechten) - Toegang tot systeemgegevens - Toegang tot gevoelige gegevens - Spoofing De kwaadwillende heeft hiervoor toegang nodig tot de productieomgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.

Oplossingen: Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico's zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.

Kans: medium

Schade: high

CWE-395: Use of NullPointerException Catch to Detect NULL Pointer Dereference

CWE-332: Insufficient Entropy in PRNG

CWE-940: Improper Verification of Source of a Communication Channel

CWE-466: Return of Pointer Value Outside of Expected Range

CWE-390: Detection of Error Condition Without Action

CWE-826: Premature Release of Resource During Expected Lifetime

CWE-222: Truncation of Security-relevant Information

CWE-310: CWE-310

CWE-273: Improper Check for Dropped Privileges

CWE-364: Signal Handler Race Condition

CWE-911: Improper Update of Reference Count

CWE-131: Incorrect Calculation of Buffer Size

CWE-304: Missing Critical Step in Authentication

CWE-684: Incorrect Provision of Specified Functionality

CWE-130: Improper Handling of Length Parameter Inconsistency

CWE-268: Privilege Chaining

CWE-366: Race Condition within a Thread

CWE-150: Improper Neutralization of Escape, Meta, or Control Sequences

CWE-201: Insertion of Sensitive Information Into Sent Data

CWE-407: Inefficient Algorithmic Complexity

CWE-371: CWE-371

CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition

CWE-667: Improper Locking

CWE-311: Missing Encryption of Sensitive Data

CWE-703: Improper Check or Handling of Exceptional Conditions

CWE-908: Use of Uninitialized Resource

CWE-617: Reachable Assertion

CWE-129: Improper Validation of Array Index

CWE-124: Buffer Underwrite ('Buffer Underflow')

CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')

CWE-345: Insufficient Verification of Data Authenticity

CWE-354: Improper Validation of Integrity Check Value

CWE-325: Missing Cryptographic Step

CWE-190: Integer Overflow or Wraparound

CWE-290: Authentication Bypass by Spoofing

CWE-99: Improper Control of Resource Identifiers ('Resource Injection')

CWE-665: Improper Initialization

CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CWE-125: Out-of-bounds Read

CWE-404: Improper Resource Shutdown or Release

CWE-284: Improper Access Control

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-416: Use After Free

CWE-476: NULL Pointer Dereference

CWE-757: Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')

CWE-400: Uncontrolled Resource Consumption

CWE-770: Allocation of Resources Without Limits or Throttling

CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CWE-611: Improper Restriction of XML External Entity Reference

CWE-787: Out-of-bounds Write

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CWE-122: Heap-based Buffer Overflow

CWE-121: Stack-based Buffer Overflow

CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CWE-73: External Control of File Name or Path

CWE-20: Improper Input Validation

CWE-863: Incorrect Authorization

CWE-276: Incorrect Default Permissions

CVE-2021-41617

CWE-311 - Missing Encryption of Sensitive Data

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2023-4527

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-125 - Out-of-bounds Read

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2023-4806

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-416 - Use After Free

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2023-4911

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-122 - Heap-based Buffer Overflow

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2023-5363

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-325 - Missing Cryptographic Step

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2023-6246

8.4 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-122 - Heap-based Buffer Overflow

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2023-6779

8.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

CWE-122 - Heap-based Buffer Overflow

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2023-6780

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2023-28531

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-311 - Missing Encryption of Sensitive Data

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2023-38545

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-122 - Heap-based Buffer Overflow

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2023-38546

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-73 - External Control of File Name or Path

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2023-44487

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2023-46218

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CWE-201 - Insertion of Sensitive Information Into Sent Data

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2023-46219

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-311 - Missing Encryption of Sensitive Data

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2023-48795

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-222 - Truncation of Security-relevant Information

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2023-51384

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-304 - Missing Critical Step in Authentication

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2023-51385

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2023-52927

CWE-20 - Improper Input Validation

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2024-2961

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-787 - Out-of-bounds Write

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2024-6119

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2024-6387

CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2024-12133

CWE-404 - Improper Resource Shutdown or Release

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2024-12243

CWE-404 - Improper Resource Shutdown or Release

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2024-24855

5.1 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2024-26596

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-476 - NULL Pointer Dereference

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2024-28085

8.8 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-268 - Privilege Chaining

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2024-33599

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2024-33600

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

CWE-476 - NULL Pointer Dereference

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2024-33601

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

CWE-703 - Improper Check or Handling of Exceptional Conditions

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2024-33602

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

CWE-466 - Return of Pointer Value Outside of Expected Range

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2024-34397

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-940 - Improper Verification of Source of a Communication Channel

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2024-37370

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

CWE-130 - Improper Handling of Length Parameter Inconsistency

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2024-37371

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

CWE-130 - Improper Handling of Length Parameter Inconsistency

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2024-41797

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

CWE-269 - Improper Privilege Management

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2024-45490

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2024-45491

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2024-45492

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2024-50246

CWE-20 - Improper Input Validation

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2024-53166

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-416 - Use After Free

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2024-57977

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-667 - Improper Locking

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2024-57996

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-129 - Improper Validation of Array Index

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2024-58005

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2025-0133

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2025-4373

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2025-4598

4.7 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2025-21701

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2025-21702

7.0 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2025-21712

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2025-21724

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2025-21728

CWE-20 - Improper Input Validation

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2025-21745

CWE-911 - Improper Update of Reference Count

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2025-21756

CWE-416 - Use After Free

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2025-21758

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2025-21765

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2025-21766

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2025-21767

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-332 - Insufficient Entropy in PRNG

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2025-21795

CWE-371 - -

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2025-21796

CWE-416 - Use After Free

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2025-21848

CWE-476 - NULL Pointer Dereference

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2025-21862

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-665 - Improper Initialization

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2025-21864

CWE-371 - -

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2025-21865

CWE-121 - Stack-based Buffer Overflow

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2025-26465

6.8 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

CWE-310 - -

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2025-31115

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-366 - Race Condition within a Thread

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2025-32454

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-125 - Out-of-bounds Read

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2025-40567

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

CWE-863 - Incorrect Authorization

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2025-40568

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

CWE-863 - Incorrect Authorization

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2025-40569

4.8 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N

CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2025-40585

9.9 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:L

CWE-276 - Incorrect Default Permissions

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

CVE-2025-46836

6.6 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 99 products

Product	Identifier	Version
vers:unknown/none Siemens / Siemens / SIMATIC S7-1500		vers:unknown/none
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:all/>=v3.1.0
vers:siemens/3.1.0 Siemens / Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware		vers:siemens/3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:all/>=v3.1.0
vers:all/>=v3.1.0 Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:all/>=v3.1.0
vers:all/* Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:all/*
vers:unknown/<v1.3.0 Siemens / SIMATIC S7-1500 TM MFP - BIOS		vers:unknown/<v1.3.0
vers:unknown/<v1.1 Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/<v1.1
vers:all/>=v3.1.0 Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)		vers:all/>=v3.1.0
vers:unknown/1.0 Siemens / Siemens / Simatic S7-1500 Tm Mfp Firmware		vers:unknown/1.0
vers:all/* Siemens / RUGGEDCOM APE1808		vers:all/*
vers:siemens/7.4.3 Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:siemens/7.4.3
vers:unknown/none Siemens / Siemens / RUGGEDCOM APE1808 Firmware		vers:unknown/none
vers:unknown/none Siemens / Siemens / Ruggedcom Ape1808		vers:unknown/none
vers:unknown/* Siemens / ruggedcom_ape1808	`cpe:2.3:a:siemens:ruggedcom_ape1808::::::::`	vers:unknown/*
vers:siemens/3.0.0 Siemens / Siemens / Scalance W700 Ieee 802.11Ax Firmware		vers:siemens/3.0.0
vers:all/* Siemens / Energy Services		vers:all/*
vers:all/<v2404.0013 Siemens / Tecnomatix Plant Simulation V2404		vers:all/<v2404.0013
vers:all/<v3.1 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC316-8 (6GK5324-8TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 (6GK5328-4TS00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC332 (6GK5332-0GA00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC416-8 (6GK5424-8TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC424-4 (6GK5428-4TR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XC432 (6GK5432-0GR00-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCH328 (6GK5328-4TS01-2EC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM324 (6GK5324-8TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM328 (6GK5328-4TS01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XCM332 (6GK5332-0GA01-2AC2)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR302-32 (6GK5334-5TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR322-12 (6GK5334-3TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 (6GK5334-2TS00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR502-32 (6GK5534-5TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR522-12 (6GK5534-3TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XR526-8 (6GK5534-2TR00-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)		vers:all/<v3.2
vers:all/<v3.1 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.1
vers:all/<v3.2 Siemens / SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)		vers:all/<v3.2

References

76 references

URL	Category
https://cert-portal.siemens.com/productcert/pdf/s…	external
https://cert-portal.siemens.com/productcert/pdf/s…	external
https://cert-portal.siemens.com/productcert/pdf/s…	external
https://cert-portal.siemens.com/productcert/pdf/s…	external
https://cert-portal.siemens.com/productcert/pdf/s…	external
https://cert-portal.siemens.com/productcert/pdf/s…	external
https://vulnerabilities.ncsc.nl/csaf/v2/2021/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Siemens heeft kwetsbaarheden verholpen in diverse producten als RUGGEDCOM, SCALANCE, SIMATIC en Tecnomatix",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Manipulatie van gegevens\n- Omzeilen van een beveiligingsmaatregel\n- Omzeilen van authenticatie\n- (Remote) code execution (root/admin rechten)\n- (Remote) code execution (Gebruikersrechten)\n- Toegang tot systeemgegevens\n- Toegang tot gevoelige gegevens\n- Spoofing\n\nDe kwaadwillende heeft hiervoor toegang nodig tot de productieomgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico\u0027s zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Use of NullPointerException Catch to Detect NULL Pointer Dereference",
        "title": "CWE-395"
      },
      {
        "category": "general",
        "text": "Insufficient Entropy in PRNG",
        "title": "CWE-332"
      },
      {
        "category": "general",
        "text": "Improper Verification of Source of a Communication Channel",
        "title": "CWE-940"
      },
      {
        "category": "general",
        "text": "Return of Pointer Value Outside of Expected Range",
        "title": "CWE-466"
      },
      {
        "category": "general",
        "text": "Detection of Error Condition Without Action",
        "title": "CWE-390"
      },
      {
        "category": "general",
        "text": "Premature Release of Resource During Expected Lifetime",
        "title": "CWE-826"
      },
      {
        "category": "general",
        "text": "Truncation of Security-relevant Information",
        "title": "CWE-222"
      },
      {
        "category": "general",
        "text": "CWE-310",
        "title": "CWE-310"
      },
      {
        "category": "general",
        "text": "Improper Check for Dropped Privileges",
        "title": "CWE-273"
      },
      {
        "category": "general",
        "text": "Signal Handler Race Condition",
        "title": "CWE-364"
      },
      {
        "category": "general",
        "text": "Improper Update of Reference Count",
        "title": "CWE-911"
      },
      {
        "category": "general",
        "text": "Incorrect Calculation of Buffer Size",
        "title": "CWE-131"
      },
      {
        "category": "general",
        "text": "Missing Critical Step in Authentication",
        "title": "CWE-304"
      },
      {
        "category": "general",
        "text": "Incorrect Provision of Specified Functionality",
        "title": "CWE-684"
      },
      {
        "category": "general",
        "text": "Improper Handling of Length Parameter Inconsistency",
        "title": "CWE-130"
      },
      {
        "category": "general",
        "text": "Privilege Chaining",
        "title": "CWE-268"
      },
      {
        "category": "general",
        "text": "Race Condition within a Thread",
        "title": "CWE-366"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Escape, Meta, or Control Sequences",
        "title": "CWE-150"
      },
      {
        "category": "general",
        "text": "Insertion of Sensitive Information Into Sent Data",
        "title": "CWE-201"
      },
      {
        "category": "general",
        "text": "Inefficient Algorithmic Complexity",
        "title": "CWE-407"
      },
      {
        "category": "general",
        "text": "CWE-371",
        "title": "CWE-371"
      },
      {
        "category": "general",
        "text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
        "title": "CWE-367"
      },
      {
        "category": "general",
        "text": "Improper Locking",
        "title": "CWE-667"
      },
      {
        "category": "general",
        "text": "Missing Encryption of Sensitive Data",
        "title": "CWE-311"
      },
      {
        "category": "general",
        "text": "Improper Check or Handling of Exceptional Conditions",
        "title": "CWE-703"
      },
      {
        "category": "general",
        "text": "Use of Uninitialized Resource",
        "title": "CWE-908"
      },
      {
        "category": "general",
        "text": "Reachable Assertion",
        "title": "CWE-617"
      },
      {
        "category": "general",
        "text": "Improper Validation of Array Index",
        "title": "CWE-129"
      },
      {
        "category": "general",
        "text": "Buffer Underwrite (\u0027Buffer Underflow\u0027)",
        "title": "CWE-124"
      },
      {
        "category": "general",
        "text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
        "title": "CWE-843"
      },
      {
        "category": "general",
        "text": "Insufficient Verification of Data Authenticity",
        "title": "CWE-345"
      },
      {
        "category": "general",
        "text": "Improper Validation of Integrity Check Value",
        "title": "CWE-354"
      },
      {
        "category": "general",
        "text": "Missing Cryptographic Step",
        "title": "CWE-325"
      },
      {
        "category": "general",
        "text": "Integer Overflow or Wraparound",
        "title": "CWE-190"
      },
      {
        "category": "general",
        "text": "Authentication Bypass by Spoofing",
        "title": "CWE-290"
      },
      {
        "category": "general",
        "text": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)",
        "title": "CWE-99"
      },
      {
        "category": "general",
        "text": "Improper Initialization",
        "title": "CWE-665"
      },
      {
        "category": "general",
        "text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
        "title": "CWE-362"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Read",
        "title": "CWE-125"
      },
      {
        "category": "general",
        "text": "Improper Resource Shutdown or Release",
        "title": "CWE-404"
      },
      {
        "category": "general",
        "text": "Improper Access Control",
        "title": "CWE-284"
      },
      {
        "category": "general",
        "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
        "title": "CWE-119"
      },
      {
        "category": "general",
        "text": "Use After Free",
        "title": "CWE-416"
      },
      {
        "category": "general",
        "text": "NULL Pointer Dereference",
        "title": "CWE-476"
      },
      {
        "category": "general",
        "text": "Selection of Less-Secure Algorithm During Negotiation (\u0027Algorithm Downgrade\u0027)",
        "title": "CWE-757"
      },
      {
        "category": "general",
        "text": "Uncontrolled Resource Consumption",
        "title": "CWE-400"
      },
      {
        "category": "general",
        "text": "Allocation of Resources Without Limits or Throttling",
        "title": "CWE-770"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
        "title": "CWE-78"
      },
      {
        "category": "general",
        "text": "Improper Restriction of XML External Entity Reference",
        "title": "CWE-611"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Write",
        "title": "CWE-787"
      },
      {
        "category": "general",
        "text": "Exposure of Sensitive Information to an Unauthorized Actor",
        "title": "CWE-200"
      },
      {
        "category": "general",
        "text": "Heap-based Buffer Overflow",
        "title": "CWE-122"
      },
      {
        "category": "general",
        "text": "Stack-based Buffer Overflow",
        "title": "CWE-121"
      },
      {
        "category": "general",
        "text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
        "title": "CWE-120"
      },
      {
        "category": "general",
        "text": "External Control of File Name or Path",
        "title": "CWE-73"
      },
      {
        "category": "general",
        "text": "Improper Input Validation",
        "title": "CWE-20"
      },
      {
        "category": "general",
        "text": "Incorrect Authorization",
        "title": "CWE-863"
      },
      {
        "category": "general",
        "text": "Incorrect Default Permissions",
        "title": "CWE-276"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference - ncscclear",
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-082556.pdf"
      },
      {
        "category": "external",
        "summary": "Reference - ncscclear",
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-345750.pdf"
      },
      {
        "category": "external",
        "summary": "Reference - ncscclear",
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-486186.pdf"
      },
      {
        "category": "external",
        "summary": "Reference - ncscclear",
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-513708.pdf"
      },
      {
        "category": "external",
        "summary": "Reference - ncscclear",
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-633269.pdf"
      },
      {
        "category": "external",
        "summary": "Reference - ncscclear",
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-693776.pdf"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Siemens producten",
    "tracking": {
      "current_release_date": "2025-06-10T13:11:56.672768Z",
      "generator": {
        "date": "2025-06-05T14:45:00Z",
        "engine": {
          "name": "V.A.",
          "version": "1.1"
        }
      },
      "id": "NCSC-2025-0187",
      "initial_release_date": "2025-06-10T13:11:56.672768Z",
      "revision_history": [
        {
          "date": "2025-06-10T13:11:56.672768Z",
          "number": "1.0.0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/none",
                    "product": {
                      "name": "vers:unknown/none",
                      "product_id": "CSAFPID-1211853"
                    }
                  }
                ],
                "category": "product_name",
                "name": "SIMATIC S7-1500"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:siemens/3.1.0",
                    "product": {
                      "name": "vers:siemens/3.1.0",
                      "product_id": "CSAFPID-1195553"
                    }
                  }
                ],
                "category": "product_name",
                "name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/1.0",
                    "product": {
                      "name": "vers:unknown/1.0",
                      "product_id": "CSAFPID-1211202"
                    }
                  }
                ],
                "category": "product_name",
                "name": "Simatic S7-1500 Tm Mfp Firmware"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:siemens/7.4.3",
                    "product": {
                      "name": "vers:siemens/7.4.3",
                      "product_id": "CSAFPID-2849543"
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/none",
                    "product": {
                      "name": "vers:unknown/none",
                      "product_id": "CSAFPID-1756091"
                    }
                  }
                ],
                "category": "product_name",
                "name": "RUGGEDCOM APE1808 Firmware"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/none",
                    "product": {
                      "name": "vers:unknown/none",
                      "product_id": "CSAFPID-2619544"
                    }
                  }
                ],
                "category": "product_name",
                "name": "Ruggedcom Ape1808"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:siemens/3.0.0",
                    "product": {
                      "name": "vers:siemens/3.0.0",
                      "product_id": "CSAFPID-2082475"
                    }
                  }
                ],
                "category": "product_name",
                "name": "Scalance W700 Ieee 802.11Ax Firmware"
              }
            ],
            "category": "product_family",
            "name": "Siemens"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003e=v3.1.0",
                "product": {
                  "name": "vers:all/\u003e=v3.1.0",
                  "product_id": "CSAFPID-1266669"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003e=v3.1.0",
                "product": {
                  "name": "vers:all/\u003e=v3.1.0",
                  "product_id": "CSAFPID-1266670"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003e=v3.1.0",
                "product": {
                  "name": "vers:all/\u003e=v3.1.0",
                  "product_id": "CSAFPID-1266671"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003e=v3.1.0",
                "product": {
                  "name": "vers:all/\u003e=v3.1.0",
                  "product_id": "CSAFPID-1266672"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "vers:all/*",
                  "product_id": "CSAFPID-2460438"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:unknown/\u003cv1.3.0",
                "product": {
                  "name": "vers:unknown/\u003cv1.3.0",
                  "product_id": "CSAFPID-1270701"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 TM MFP - BIOS"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/\u003cv1.1",
                "product": {
                  "name": "vers:unknown/\u003cv1.1",
                  "product_id": "CSAFPID-1270700"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 TM MFP -\u00a0GNU/Linux subsystem"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003e=v3.1.0",
                "product": {
                  "name": "vers:all/\u003e=v3.1.0",
                  "product_id": "CSAFPID-1266673"
                }
              }
            ],
            "category": "product_name",
            "name": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "vers:all/*",
                  "product_id": "CSAFPID-1272525"
                }
              }
            ],
            "category": "product_name",
            "name": "RUGGEDCOM APE1808"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-126262",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:siemens:ruggedcom_ape1808:*:*:*:*:*:*:*:*"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "ruggedcom_ape1808"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "vers:all/*",
                  "product_id": "CSAFPID-2905706"
                }
              }
            ],
            "category": "product_name",
            "name": "Energy Services"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv2404.0013",
                "product": {
                  "name": "vers:all/\u003cv2404.0013",
                  "product_id": "CSAFPID-2905742"
                }
              }
            ],
            "category": "product_name",
            "name": "Tecnomatix Plant Simulation V2404"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.1",
                "product": {
                  "name": "vers:all/\u003cv3.1",
                  "product_id": "CSAFPID-2905748"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.2",
                "product": {
                  "name": "vers:all/\u003cv3.2",
                  "product_id": "CSAFPID-2905793"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XC316-8 (6GK5324-8TS00-2AC2)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.1",
                "product": {
                  "name": "vers:all/\u003cv3.1",
                  "product_id": "CSAFPID-2905749"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.2",
                "product": {
                  "name": "vers:all/\u003cv3.2",
                  "product_id": "CSAFPID-2905794"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XC324-4 (6GK5328-4TS00-2AC2)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.1",
                "product": {
                  "name": "vers:all/\u003cv3.1",
                  "product_id": "CSAFPID-2905750"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.2",
                "product": {
                  "name": "vers:all/\u003cv3.2",
                  "product_id": "CSAFPID-2905795"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.1",
                "product": {
                  "name": "vers:all/\u003cv3.1",
                  "product_id": "CSAFPID-2905751"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.2",
                "product": {
                  "name": "vers:all/\u003cv3.2",
                  "product_id": "CSAFPID-2905796"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XC332 (6GK5332-0GA00-2AC2)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.1",
                "product": {
                  "name": "vers:all/\u003cv3.1",
                  "product_id": "CSAFPID-2905752"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.2",
                "product": {
                  "name": "vers:all/\u003cv3.2",
                  "product_id": "CSAFPID-2905797"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XC416-8 (6GK5424-8TR00-2AC2)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.1",
                "product": {
                  "name": "vers:all/\u003cv3.1",
                  "product_id": "CSAFPID-2905753"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.2",
                "product": {
                  "name": "vers:all/\u003cv3.2",
                  "product_id": "CSAFPID-2905798"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XC424-4 (6GK5428-4TR00-2AC2)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.1",
                "product": {
                  "name": "vers:all/\u003cv3.1",
                  "product_id": "CSAFPID-2905754"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.2",
                "product": {
                  "name": "vers:all/\u003cv3.2",
                  "product_id": "CSAFPID-2905799"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XC432 (6GK5432-0GR00-2AC2)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.1",
                "product": {
                  "name": "vers:all/\u003cv3.1",
                  "product_id": "CSAFPID-2905755"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.2",
                "product": {
                  "name": "vers:all/\u003cv3.2",
                  "product_id": "CSAFPID-2905800"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XCH328 (6GK5328-4TS01-2EC2)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.1",
                "product": {
                  "name": "vers:all/\u003cv3.1",
                  "product_id": "CSAFPID-2905756"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.2",
                "product": {
                  "name": "vers:all/\u003cv3.2",
                  "product_id": "CSAFPID-2905801"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XCM324 (6GK5324-8TS01-2AC2)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.1",
                "product": {
                  "name": "vers:all/\u003cv3.1",
                  "product_id": "CSAFPID-2905757"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.2",
                "product": {
                  "name": "vers:all/\u003cv3.2",
                  "product_id": "CSAFPID-2905802"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XCM328 (6GK5328-4TS01-2AC2)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.1",
                "product": {
                  "name": "vers:all/\u003cv3.1",
                  "product_id": "CSAFPID-2905758"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.2",
                "product": {
                  "name": "vers:all/\u003cv3.2",
                  "product_id": "CSAFPID-2905803"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XCM332 (6GK5332-0GA01-2AC2)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.1",
                "product": {
                  "name": "vers:all/\u003cv3.1",
                  "product_id": "CSAFPID-2905759"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.2",
                "product": {
                  "name": "vers:all/\u003cv3.2",
                  "product_id": "CSAFPID-2905804"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR302-32 (6GK5334-5TS00-2AR3)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.1",
                "product": {
                  "name": "vers:all/\u003cv3.1",
                  "product_id": "CSAFPID-2905760"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.2",
                "product": {
                  "name": "vers:all/\u003cv3.2",
                  "product_id": "CSAFPID-2905805"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR302-32 (6GK5334-5TS00-3AR3)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.1",
                "product": {
                  "name": "vers:all/\u003cv3.1",
                  "product_id": "CSAFPID-2905761"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.2",
                "product": {
                  "name": "vers:all/\u003cv3.2",
                  "product_id": "CSAFPID-2905806"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR302-32 (6GK5334-5TS00-4AR3)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.1",
                "product": {
                  "name": "vers:all/\u003cv3.1",
                  "product_id": "CSAFPID-2905762"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.2",
                "product": {
                  "name": "vers:all/\u003cv3.2",
                  "product_id": "CSAFPID-2905807"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR322-12 (6GK5334-3TS00-2AR3)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.1",
                "product": {
                  "name": "vers:all/\u003cv3.1",
                  "product_id": "CSAFPID-2905763"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.2",
                "product": {
                  "name": "vers:all/\u003cv3.2",
                  "product_id": "CSAFPID-2905808"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR322-12 (6GK5334-3TS00-3AR3)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.1",
                "product": {
                  "name": "vers:all/\u003cv3.1",
                  "product_id": "CSAFPID-2905764"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.2",
                "product": {
                  "name": "vers:all/\u003cv3.2",
                  "product_id": "CSAFPID-2905809"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR322-12 (6GK5334-3TS00-4AR3)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.1",
                "product": {
                  "name": "vers:all/\u003cv3.1",
                  "product_id": "CSAFPID-2905765"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.2",
                "product": {
                  "name": "vers:all/\u003cv3.2",
                  "product_id": "CSAFPID-2905810"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR326-8 (6GK5334-2TS00-2AR3)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.1",
                "product": {
                  "name": "vers:all/\u003cv3.1",
                  "product_id": "CSAFPID-2905766"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.2",
                "product": {
                  "name": "vers:all/\u003cv3.2",
                  "product_id": "CSAFPID-2905811"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR326-8 (6GK5334-2TS00-3AR3)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.1",
                "product": {
                  "name": "vers:all/\u003cv3.1",
                  "product_id": "CSAFPID-2905767"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.2",
                "product": {
                  "name": "vers:all/\u003cv3.2",
                  "product_id": "CSAFPID-2905812"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR326-8 (6GK5334-2TS00-4AR3)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.1",
                "product": {
                  "name": "vers:all/\u003cv3.1",
                  "product_id": "CSAFPID-2905768"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.2",
                "product": {
                  "name": "vers:all/\u003cv3.2",
                  "product_id": "CSAFPID-2905813"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.1",
                "product": {
                  "name": "vers:all/\u003cv3.1",
                  "product_id": "CSAFPID-2905769"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.2",
                "product": {
                  "name": "vers:all/\u003cv3.2",
                  "product_id": "CSAFPID-2905814"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR502-32 (6GK5534-5TR00-2AR3)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.1",
                "product": {
                  "name": "vers:all/\u003cv3.1",
                  "product_id": "CSAFPID-2905770"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.2",
                "product": {
                  "name": "vers:all/\u003cv3.2",
                  "product_id": "CSAFPID-2905815"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR502-32 (6GK5534-5TR00-3AR3)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.1",
                "product": {
                  "name": "vers:all/\u003cv3.1",
                  "product_id": "CSAFPID-2905771"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.2",
                "product": {
                  "name": "vers:all/\u003cv3.2",
                  "product_id": "CSAFPID-2905816"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR502-32 (6GK5534-5TR00-4AR3)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.1",
                "product": {
                  "name": "vers:all/\u003cv3.1",
                  "product_id": "CSAFPID-2905772"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.2",
                "product": {
                  "name": "vers:all/\u003cv3.2",
                  "product_id": "CSAFPID-2905817"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR522-12 (6GK5534-3TR00-2AR3)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.1",
                "product": {
                  "name": "vers:all/\u003cv3.1",
                  "product_id": "CSAFPID-2905773"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.2",
                "product": {
                  "name": "vers:all/\u003cv3.2",
                  "product_id": "CSAFPID-2905818"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR522-12 (6GK5534-3TR00-3AR3)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.1",
                "product": {
                  "name": "vers:all/\u003cv3.1",
                  "product_id": "CSAFPID-2905774"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.2",
                "product": {
                  "name": "vers:all/\u003cv3.2",
                  "product_id": "CSAFPID-2905819"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR522-12 (6GK5534-3TR00-4AR3)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.1",
                "product": {
                  "name": "vers:all/\u003cv3.1",
                  "product_id": "CSAFPID-2905775"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.2",
                "product": {
                  "name": "vers:all/\u003cv3.2",
                  "product_id": "CSAFPID-2905820"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR526-8 (6GK5534-2TR00-2AR3)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.1",
                "product": {
                  "name": "vers:all/\u003cv3.1",
                  "product_id": "CSAFPID-2905776"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.2",
                "product": {
                  "name": "vers:all/\u003cv3.2",
                  "product_id": "CSAFPID-2905821"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR526-8 (6GK5534-2TR00-3AR3)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.1",
                "product": {
                  "name": "vers:all/\u003cv3.1",
                  "product_id": "CSAFPID-2905777"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.2",
                "product": {
                  "name": "vers:all/\u003cv3.2",
                  "product_id": "CSAFPID-2905822"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR526-8 (6GK5534-2TR00-4AR3)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.1",
                "product": {
                  "name": "vers:all/\u003cv3.1",
                  "product_id": "CSAFPID-2905778"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.2",
                "product": {
                  "name": "vers:all/\u003cv3.2",
                  "product_id": "CSAFPID-2905823"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.1",
                "product": {
                  "name": "vers:all/\u003cv3.1",
                  "product_id": "CSAFPID-2905786"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.2",
                "product": {
                  "name": "vers:all/\u003cv3.2",
                  "product_id": "CSAFPID-2905831"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.1",
                "product": {
                  "name": "vers:all/\u003cv3.1",
                  "product_id": "CSAFPID-2905785"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.2",
                "product": {
                  "name": "vers:all/\u003cv3.2",
                  "product_id": "CSAFPID-2905830"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.1",
                "product": {
                  "name": "vers:all/\u003cv3.1",
                  "product_id": "CSAFPID-2905787"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.2",
                "product": {
                  "name": "vers:all/\u003cv3.2",
                  "product_id": "CSAFPID-2905832"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.1",
                "product": {
                  "name": "vers:all/\u003cv3.1",
                  "product_id": "CSAFPID-2905783"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.2",
                "product": {
                  "name": "vers:all/\u003cv3.2",
                  "product_id": "CSAFPID-2905828"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.1",
                "product": {
                  "name": "vers:all/\u003cv3.1",
                  "product_id": "CSAFPID-2905782"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.2",
                "product": {
                  "name": "vers:all/\u003cv3.2",
                  "product_id": "CSAFPID-2905827"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.1",
                "product": {
                  "name": "vers:all/\u003cv3.1",
                  "product_id": "CSAFPID-2905784"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.2",
                "product": {
                  "name": "vers:all/\u003cv3.2",
                  "product_id": "CSAFPID-2905829"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.1",
                "product": {
                  "name": "vers:all/\u003cv3.1",
                  "product_id": "CSAFPID-2905780"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.2",
                "product": {
                  "name": "vers:all/\u003cv3.2",
                  "product_id": "CSAFPID-2905825"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.1",
                "product": {
                  "name": "vers:all/\u003cv3.1",
                  "product_id": "CSAFPID-2905779"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.2",
                "product": {
                  "name": "vers:all/\u003cv3.2",
                  "product_id": "CSAFPID-2905824"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.1",
                "product": {
                  "name": "vers:all/\u003cv3.1",
                  "product_id": "CSAFPID-2905781"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cv3.2",
                "product": {
                  "name": "vers:all/\u003cv3.2",
                  "product_id": "CSAFPID-2905826"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-41617",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Encryption of Sensitive Data",
          "title": "CWE-311"
        },
        {
          "category": "other",
          "text": "Improper Check for Dropped Privileges",
          "title": "CWE-273"
        },
        {
          "category": "other",
          "text": "Improper Access Control",
          "title": "CWE-284"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-41617 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2021/cve-2021-41617.json"
        }
      ],
      "title": "CVE-2021-41617"
    },
    {
      "cve": "CVE-2023-4527",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        },
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        },
        {
          "category": "other",
          "text": "Stack-based Buffer Overflow",
          "title": "CWE-121"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-4527 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-4527.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2023-4527"
    },
    {
      "cve": "CVE-2023-4806",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-4806 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-4806.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2023-4806"
    },
    {
      "cve": "CVE-2023-4911",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        },
        {
          "category": "other",
          "text": "Stack-based Buffer Overflow",
          "title": "CWE-121"
        },
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-4911 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-4911.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2023-4911"
    },
    {
      "cve": "CVE-2023-5363",
      "cwe": {
        "id": "CWE-325",
        "name": "Missing Cryptographic Step"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Cryptographic Step",
          "title": "CWE-325"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "other",
          "text": "Incorrect Provision of Specified Functionality",
          "title": "CWE-684"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-5363 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-5363.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2023-5363"
    },
    {
      "cve": "CVE-2023-6246",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        },
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-6246 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-6246.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2023-6246"
    },
    {
      "cve": "CVE-2023-6779",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        },
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-6779 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-6779.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2023-6779"
    },
    {
      "cve": "CVE-2023-6780",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        },
        {
          "category": "other",
          "text": "Incorrect Calculation of Buffer Size",
          "title": "CWE-131"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-6780 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-6780.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2023-6780"
    },
    {
      "cve": "CVE-2023-28531",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Encryption of Sensitive Data",
          "title": "CWE-311"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-28531 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-28531.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2023-28531"
    },
    {
      "cve": "CVE-2023-38545",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        },
        {
          "category": "other",
          "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
          "title": "CWE-119"
        },
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-38545 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-38545.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2023-38545"
    },
    {
      "cve": "CVE-2023-38546",
      "cwe": {
        "id": "CWE-73",
        "name": "External Control of File Name or Path"
      },
      "notes": [
        {
          "category": "other",
          "text": "External Control of File Name or Path",
          "title": "CWE-73"
        },
        {
          "category": "other",
          "text": "Missing Encryption of Sensitive Data",
          "title": "CWE-311"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-38546 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-38546.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2023-38546"
    },
    {
      "cve": "CVE-2023-44487",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-44487 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-44487.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2023-44487"
    },
    {
      "cve": "CVE-2023-46218",
      "cwe": {
        "id": "CWE-201",
        "name": "Insertion of Sensitive Information Into Sent Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Insertion of Sensitive Information Into Sent Data",
          "title": "CWE-201"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-46218 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-46218.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2023-46218"
    },
    {
      "cve": "CVE-2023-46219",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Encryption of Sensitive Data",
          "title": "CWE-311"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-46219 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-46219.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2023-46219"
    },
    {
      "cve": "CVE-2023-48795",
      "cwe": {
        "id": "CWE-222",
        "name": "Truncation of Security-relevant Information"
      },
      "notes": [
        {
          "category": "other",
          "text": "Truncation of Security-relevant Information",
          "title": "CWE-222"
        },
        {
          "category": "other",
          "text": "Selection of Less-Secure Algorithm During Negotiation (\u0027Algorithm Downgrade\u0027)",
          "title": "CWE-757"
        },
        {
          "category": "other",
          "text": "Improper Validation of Integrity Check Value",
          "title": "CWE-354"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/AU:N/R:A/V:D/RE:L/U:Amber",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-48795 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-48795.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2023-48795"
    },
    {
      "cve": "CVE-2023-51384",
      "cwe": {
        "id": "CWE-304",
        "name": "Missing Critical Step in Authentication"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Critical Step in Authentication",
          "title": "CWE-304"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-51384 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-51384.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2023-51384"
    },
    {
      "cve": "CVE-2023-51385",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
          "title": "CWE-78"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-51385 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-51385.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2023-51385"
    },
    {
      "cve": "CVE-2023-52927",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-52927 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-52927.json"
        }
      ],
      "title": "CVE-2023-52927"
    },
    {
      "cve": "CVE-2024-2961",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-2961 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-2961.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2024-2961"
    },
    {
      "cve": "CVE-2024-6119",
      "cwe": {
        "id": "CWE-843",
        "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
          "title": "CWE-843"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-6119 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-6119.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2024-6119"
    },
    {
      "cve": "CVE-2024-6387",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
          "title": "CWE-362"
        },
        {
          "category": "other",
          "text": "Signal Handler Race Condition",
          "title": "CWE-364"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-6387 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-6387.json"
        }
      ],
      "title": "CVE-2024-6387"
    },
    {
      "cve": "CVE-2024-12133",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Inefficient Algorithmic Complexity",
          "title": "CWE-407"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-12133 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-12133.json"
        }
      ],
      "title": "CVE-2024-12133"
    },
    {
      "cve": "CVE-2024-12243",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Inefficient Algorithmic Complexity",
          "title": "CWE-407"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-12243 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-12243.json"
        }
      ],
      "title": "CVE-2024-12243"
    },
    {
      "cve": "CVE-2024-24855",
      "cwe": {
        "id": "CWE-367",
        "name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
      },
      "notes": [
        {
          "category": "other",
          "text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
          "title": "CWE-367"
        },
        {
          "category": "other",
          "text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
          "title": "CWE-362"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-24855 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-24855.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2024-24855"
    },
    {
      "cve": "CVE-2024-26596",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-26596 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-26596.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2024-26596"
    },
    {
      "cve": "CVE-2024-28085",
      "cwe": {
        "id": "CWE-268",
        "name": "Privilege Chaining"
      },
      "notes": [
        {
          "category": "other",
          "text": "Privilege Chaining",
          "title": "CWE-268"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "other",
          "text": "Improper Neutralization of Escape, Meta, or Control Sequences",
          "title": "CWE-150"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-28085 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-28085.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2024-28085"
    },
    {
      "cve": "CVE-2024-33599",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
          "title": "CWE-119"
        },
        {
          "category": "other",
          "text": "Stack-based Buffer Overflow",
          "title": "CWE-121"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-33599 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-33599.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2024-33599"
    },
    {
      "cve": "CVE-2024-33600",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-33600 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-33600.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2024-33600"
    },
    {
      "cve": "CVE-2024-33601",
      "cwe": {
        "id": "CWE-703",
        "name": "Improper Check or Handling of Exceptional Conditions"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Check or Handling of Exceptional Conditions",
          "title": "CWE-703"
        },
        {
          "category": "other",
          "text": "Reachable Assertion",
          "title": "CWE-617"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-33601 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-33601.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2024-33601"
    },
    {
      "cve": "CVE-2024-33602",
      "cwe": {
        "id": "CWE-466",
        "name": "Return of Pointer Value Outside of Expected Range"
      },
      "notes": [
        {
          "category": "other",
          "text": "Return of Pointer Value Outside of Expected Range",
          "title": "CWE-466"
        },
        {
          "category": "other",
          "text": "Improper Check or Handling of Exceptional Conditions",
          "title": "CWE-703"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-33602 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-33602.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2024-33602"
    },
    {
      "cve": "CVE-2024-34397",
      "cwe": {
        "id": "CWE-940",
        "name": "Improper Verification of Source of a Communication Channel"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Verification of Source of a Communication Channel",
          "title": "CWE-940"
        },
        {
          "category": "other",
          "text": "Authentication Bypass by Spoofing",
          "title": "CWE-290"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-34397 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-34397.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2024-34397"
    },
    {
      "cve": "CVE-2024-37370",
      "cwe": {
        "id": "CWE-130",
        "name": "Improper Handling of Length Parameter Inconsistency"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Handling of Length Parameter Inconsistency",
          "title": "CWE-130"
        },
        {
          "category": "other",
          "text": "Insufficient Verification of Data Authenticity",
          "title": "CWE-345"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-37370 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-37370.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2024-37370"
    },
    {
      "cve": "CVE-2024-37371",
      "cwe": {
        "id": "CWE-130",
        "name": "Improper Handling of Length Parameter Inconsistency"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Handling of Length Parameter Inconsistency",
          "title": "CWE-130"
        },
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-37371 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-37371.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2024-37371"
    },
    {
      "cve": "CVE-2024-41797",
      "cwe": {
        "id": "CWE-269",
        "name": "Improper Privilege Management"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Privilege Management",
          "title": "CWE-269"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-41797 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-41797.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2024-41797"
    },
    {
      "cve": "CVE-2024-45490",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        },
        {
          "category": "other",
          "text": "Incorrect Calculation of Buffer Size",
          "title": "CWE-131"
        },
        {
          "category": "other",
          "text": "Improper Restriction of XML External Entity Reference",
          "title": "CWE-611"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45490 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-45490.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2024-45490"
    },
    {
      "cve": "CVE-2024-45491",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45491 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-45491.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2024-45491"
    },
    {
      "cve": "CVE-2024-45492",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45492 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-45492.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2024-45492"
    },
    {
      "cve": "CVE-2024-50246",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-50246 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-50246.json"
        }
      ],
      "title": "CVE-2024-50246"
    },
    {
      "cve": "CVE-2024-53166",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-53166 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-53166.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2024-53166"
    },
    {
      "cve": "CVE-2024-57977",
      "cwe": {
        "id": "CWE-667",
        "name": "Improper Locking"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Locking",
          "title": "CWE-667"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-57977 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-57977.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2024-57977"
    },
    {
      "cve": "CVE-2024-57996",
      "cwe": {
        "id": "CWE-129",
        "name": "Improper Validation of Array Index"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Validation of Array Index",
          "title": "CWE-129"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-57996 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-57996.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2024-57996"
    },
    {
      "cve": "CVE-2024-58005",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "other",
          "text": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)",
          "title": "CWE-99"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-58005 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-58005.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2024-58005"
    },
    {
      "cve": "CVE-2025-0133",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/S:N/AU:N/R:U/V:D/RE:M/U:Amber",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-0133 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-0133.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2025-0133"
    },
    {
      "cve": "CVE-2025-4373",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
          "title": "CWE-120"
        },
        {
          "category": "other",
          "text": "Buffer Underwrite (\u0027Buffer Underflow\u0027)",
          "title": "CWE-124"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-4373 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-4373.json"
        }
      ],
      "title": "CVE-2025-4373"
    },
    {
      "cve": "CVE-2025-4598",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
          "title": "CWE-362"
        },
        {
          "category": "other",
          "text": "Signal Handler Race Condition",
          "title": "CWE-364"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-4598 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-4598.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2025-4598"
    },
    {
      "cve": "CVE-2025-21701",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        },
        {
          "category": "other",
          "text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
          "title": "CWE-362"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-21701 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21701.json"
        }
      ],
      "title": "CVE-2025-21701"
    },
    {
      "cve": "CVE-2025-21702",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-21702 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21702.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2025-21702"
    },
    {
      "cve": "CVE-2025-21712",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-21712 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21712.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2025-21712"
    },
    {
      "cve": "CVE-2025-21724",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-21724 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21724.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2025-21724"
    },
    {
      "cve": "CVE-2025-21728",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-21728 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21728.json"
        }
      ],
      "title": "CVE-2025-21728"
    },
    {
      "cve": "CVE-2025-21745",
      "cwe": {
        "id": "CWE-911",
        "name": "Improper Update of Reference Count"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Update of Reference Count",
          "title": "CWE-911"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-21745 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21745.json"
        }
      ],
      "title": "CVE-2025-21745"
    },
    {
      "cve": "CVE-2025-21756",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-21756 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21756.json"
        }
      ],
      "title": "CVE-2025-21756"
    },
    {
      "cve": "CVE-2025-21758",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-21758 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21758.json"
        }
      ],
      "title": "CVE-2025-21758"
    },
    {
      "cve": "CVE-2025-21765",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-21765 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21765.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2025-21765"
    },
    {
      "cve": "CVE-2025-21766",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-21766 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21766.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2025-21766"
    },
    {
      "cve": "CVE-2025-21767",
      "cwe": {
        "id": "CWE-332",
        "name": "Insufficient Entropy in PRNG"
      },
      "notes": [
        {
          "category": "other",
          "text": "Insufficient Entropy in PRNG",
          "title": "CWE-332"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-21767 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21767.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2025-21767"
    },
    {
      "cve": "CVE-2025-21795",
      "cwe": {
        "id": "CWE-371",
        "name": "-"
      },
      "notes": [
        {
          "category": "other",
          "text": "CWE-371",
          "title": "CWE-371"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-21795 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21795.json"
        }
      ],
      "title": "CVE-2025-21795"
    },
    {
      "cve": "CVE-2025-21796",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-21796 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21796.json"
        }
      ],
      "title": "CVE-2025-21796"
    },
    {
      "cve": "CVE-2025-21848",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        },
        {
          "category": "other",
          "text": "Use of NullPointerException Catch to Detect NULL Pointer Dereference",
          "title": "CWE-395"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-21848 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21848.json"
        }
      ],
      "title": "CVE-2025-21848"
    },
    {
      "cve": "CVE-2025-21862",
      "cwe": {
        "id": "CWE-665",
        "name": "Improper Initialization"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Initialization",
          "title": "CWE-665"
        },
        {
          "category": "other",
          "text": "Use of Uninitialized Resource",
          "title": "CWE-908"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-21862 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21862.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2025-21862"
    },
    {
      "cve": "CVE-2025-21864",
      "cwe": {
        "id": "CWE-371",
        "name": "-"
      },
      "notes": [
        {
          "category": "other",
          "text": "CWE-371",
          "title": "CWE-371"
        },
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-21864 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21864.json"
        }
      ],
      "title": "CVE-2025-21864"
    },
    {
      "cve": "CVE-2025-21865",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Stack-based Buffer Overflow",
          "title": "CWE-121"
        },
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-21865 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21865.json"
        }
      ],
      "title": "CVE-2025-21865"
    },
    {
      "cve": "CVE-2025-26465",
      "cwe": {
        "id": "CWE-310",
        "name": "-"
      },
      "notes": [
        {
          "category": "other",
          "text": "CWE-310",
          "title": "CWE-310"
        },
        {
          "category": "other",
          "text": "Detection of Error Condition Without Action",
          "title": "CWE-390"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-26465 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-26465.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2025-26465"
    },
    {
      "cve": "CVE-2025-31115",
      "cwe": {
        "id": "CWE-366",
        "name": "Race Condition within a Thread"
      },
      "notes": [
        {
          "category": "other",
          "text": "Race Condition within a Thread",
          "title": "CWE-366"
        },
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        },
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        },
        {
          "category": "other",
          "text": "Premature Release of Resource During Expected Lifetime",
          "title": "CWE-826"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-31115 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-31115.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2025-31115"
    },
    {
      "cve": "CVE-2025-32454",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-32454 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-32454.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2025-32454"
    },
    {
      "cve": "CVE-2025-40567",
      "cwe": {
        "id": "CWE-863",
        "name": "Incorrect Authorization"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incorrect Authorization",
          "title": "CWE-863"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-40567 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-40567.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2025-40567"
    },
    {
      "cve": "CVE-2025-40568",
      "cwe": {
        "id": "CWE-863",
        "name": "Incorrect Authorization"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incorrect Authorization",
          "title": "CWE-863"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-40568 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-40568.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2025-40568"
    },
    {
      "cve": "CVE-2025-40569",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
          "title": "CWE-362"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-40569 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-40569.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2025-40569"
    },
    {
      "cve": "CVE-2025-40585",
      "cwe": {
        "id": "CWE-276",
        "name": "Incorrect Default Permissions"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incorrect Default Permissions",
          "title": "CWE-276"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-40585 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-40585.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.9,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2025-40585"
    },
    {
      "cve": "CVE-2025-46836",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "other",
          "text": "Stack-based Buffer Overflow",
          "title": "CWE-121"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1211853",
          "CSAFPID-1266669",
          "CSAFPID-1266670",
          "CSAFPID-1195553",
          "CSAFPID-1266671",
          "CSAFPID-1266672",
          "CSAFPID-2460438",
          "CSAFPID-1270701",
          "CSAFPID-1270700",
          "CSAFPID-1266673",
          "CSAFPID-1211202",
          "CSAFPID-1272525",
          "CSAFPID-2849543",
          "CSAFPID-1756091",
          "CSAFPID-2619544",
          "CSAFPID-126262",
          "CSAFPID-2082475",
          "CSAFPID-2905706",
          "CSAFPID-2905742",
          "CSAFPID-2905748",
          "CSAFPID-2905793",
          "CSAFPID-2905749",
          "CSAFPID-2905794",
          "CSAFPID-2905750",
          "CSAFPID-2905795",
          "CSAFPID-2905751",
          "CSAFPID-2905796",
          "CSAFPID-2905752",
          "CSAFPID-2905797",
          "CSAFPID-2905753",
          "CSAFPID-2905798",
          "CSAFPID-2905754",
          "CSAFPID-2905799",
          "CSAFPID-2905755",
          "CSAFPID-2905800",
          "CSAFPID-2905756",
          "CSAFPID-2905801",
          "CSAFPID-2905757",
          "CSAFPID-2905802",
          "CSAFPID-2905758",
          "CSAFPID-2905803",
          "CSAFPID-2905759",
          "CSAFPID-2905804",
          "CSAFPID-2905760",
          "CSAFPID-2905805",
          "CSAFPID-2905761",
          "CSAFPID-2905806",
          "CSAFPID-2905762",
          "CSAFPID-2905807",
          "CSAFPID-2905763",
          "CSAFPID-2905808",
          "CSAFPID-2905764",
          "CSAFPID-2905809",
          "CSAFPID-2905765",
          "CSAFPID-2905810",
          "CSAFPID-2905766",
          "CSAFPID-2905811",
          "CSAFPID-2905767",
          "CSAFPID-2905812",
          "CSAFPID-2905768",
          "CSAFPID-2905813",
          "CSAFPID-2905769",
          "CSAFPID-2905814",
          "CSAFPID-2905770",
          "CSAFPID-2905815",
          "CSAFPID-2905771",
          "CSAFPID-2905816",
          "CSAFPID-2905772",
          "CSAFPID-2905817",
          "CSAFPID-2905773",
          "CSAFPID-2905818",
          "CSAFPID-2905774",
          "CSAFPID-2905819",
          "CSAFPID-2905775",
          "CSAFPID-2905820",
          "CSAFPID-2905776",
          "CSAFPID-2905821",
          "CSAFPID-2905777",
          "CSAFPID-2905822",
          "CSAFPID-2905778",
          "CSAFPID-2905823",
          "CSAFPID-2905786",
          "CSAFPID-2905831",
          "CSAFPID-2905785",
          "CSAFPID-2905830",
          "CSAFPID-2905787",
          "CSAFPID-2905832",
          "CSAFPID-2905783",
          "CSAFPID-2905828",
          "CSAFPID-2905782",
          "CSAFPID-2905827",
          "CSAFPID-2905784",
          "CSAFPID-2905829",
          "CSAFPID-2905780",
          "CSAFPID-2905825",
          "CSAFPID-2905779",
          "CSAFPID-2905824",
          "CSAFPID-2905781",
          "CSAFPID-2905826"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-46836 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-46836.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1211853",
            "CSAFPID-1266669",
            "CSAFPID-1266670",
            "CSAFPID-1195553",
            "CSAFPID-1266671",
            "CSAFPID-1266672",
            "CSAFPID-2460438",
            "CSAFPID-1270701",
            "CSAFPID-1270700",
            "CSAFPID-1266673",
            "CSAFPID-1211202",
            "CSAFPID-1272525",
            "CSAFPID-2849543",
            "CSAFPID-1756091",
            "CSAFPID-2619544",
            "CSAFPID-126262",
            "CSAFPID-2082475",
            "CSAFPID-2905706",
            "CSAFPID-2905742",
            "CSAFPID-2905748",
            "CSAFPID-2905793",
            "CSAFPID-2905749",
            "CSAFPID-2905794",
            "CSAFPID-2905750",
            "CSAFPID-2905795",
            "CSAFPID-2905751",
            "CSAFPID-2905796",
            "CSAFPID-2905752",
            "CSAFPID-2905797",
            "CSAFPID-2905753",
            "CSAFPID-2905798",
            "CSAFPID-2905754",
            "CSAFPID-2905799",
            "CSAFPID-2905755",
            "CSAFPID-2905800",
            "CSAFPID-2905756",
            "CSAFPID-2905801",
            "CSAFPID-2905757",
            "CSAFPID-2905802",
            "CSAFPID-2905758",
            "CSAFPID-2905803",
            "CSAFPID-2905759",
            "CSAFPID-2905804",
            "CSAFPID-2905760",
            "CSAFPID-2905805",
            "CSAFPID-2905761",
            "CSAFPID-2905806",
            "CSAFPID-2905762",
            "CSAFPID-2905807",
            "CSAFPID-2905763",
            "CSAFPID-2905808",
            "CSAFPID-2905764",
            "CSAFPID-2905809",
            "CSAFPID-2905765",
            "CSAFPID-2905810",
            "CSAFPID-2905766",
            "CSAFPID-2905811",
            "CSAFPID-2905767",
            "CSAFPID-2905812",
            "CSAFPID-2905768",
            "CSAFPID-2905813",
            "CSAFPID-2905769",
            "CSAFPID-2905814",
            "CSAFPID-2905770",
            "CSAFPID-2905815",
            "CSAFPID-2905771",
            "CSAFPID-2905816",
            "CSAFPID-2905772",
            "CSAFPID-2905817",
            "CSAFPID-2905773",
            "CSAFPID-2905818",
            "CSAFPID-2905774",
            "CSAFPID-2905819",
            "CSAFPID-2905775",
            "CSAFPID-2905820",
            "CSAFPID-2905776",
            "CSAFPID-2905821",
            "CSAFPID-2905777",
            "CSAFPID-2905822",
            "CSAFPID-2905778",
            "CSAFPID-2905823",
            "CSAFPID-2905786",
            "CSAFPID-2905831",
            "CSAFPID-2905785",
            "CSAFPID-2905830",
            "CSAFPID-2905787",
            "CSAFPID-2905832",
            "CSAFPID-2905783",
            "CSAFPID-2905828",
            "CSAFPID-2905782",
            "CSAFPID-2905827",
            "CSAFPID-2905784",
            "CSAFPID-2905829",
            "CSAFPID-2905780",
            "CSAFPID-2905825",
            "CSAFPID-2905779",
            "CSAFPID-2905824",
            "CSAFPID-2905781",
            "CSAFPID-2905826"
          ]
        }
      ],
      "title": "CVE-2025-46836"
    }
  ]
}

OPENSUSE-SU-2024:14322-1

Vulnerability from csaf_opensuse - Published: 2024-09-06 00:00 - Updated: 2024-09-06 00:00

Summary

expat-2.6.3-1.1 on GA media

Severity

Moderate

Notes

Title of the patch: expat-2.6.3-1.1 on GA media

Description of the patch: These are all security issues fixed in the expat-2.6.3-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames: openSUSE-Tumbleweed-2024-14322

CVE-2024-45490

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 20 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:expat-2.6.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:expat-2.6.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:expat-2.6.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:expat-2.6.3-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat1-2.6.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat1-2.6.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat1-2.6.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat1-2.6.3-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2024-45491

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 20 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:expat-2.6.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:expat-2.6.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:expat-2.6.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:expat-2.6.3-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat1-2.6.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat1-2.6.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat1-2.6.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat1-2.6.3-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2024-45492

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 20 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:expat-2.6.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:expat-2.6.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:expat-2.6.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:expat-2.6.3-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat1-2.6.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat1-2.6.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat1-2.6.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat1-2.6.3-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

References

15 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/o…	self
https://www.suse.com/security/cve/CVE-2024-45490/	self
https://www.suse.com/security/cve/CVE-2024-45491/	self
https://www.suse.com/security/cve/CVE-2024-45492/	self
https://www.suse.com/security/cve/CVE-2024-45490	external
https://bugzilla.suse.com/1229930	external
https://bugzilla.suse.com/1229962	external
https://www.suse.com/security/cve/CVE-2024-45491	external
https://bugzilla.suse.com/1229930	external
https://bugzilla.suse.com/1229931	external
https://www.suse.com/security/cve/CVE-2024-45492	external
https://bugzilla.suse.com/1229930	external
https://bugzilla.suse.com/1229932	external
https://bugzilla.suse.com/1229964	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "expat-2.6.3-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the expat-2.6.3-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-14322",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14322-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-45490 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-45490/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-45491 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-45491/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-45492 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-45492/"
      }
    ],
    "title": "expat-2.6.3-1.1 on GA media",
    "tracking": {
      "current_release_date": "2024-09-06T00:00:00Z",
      "generator": {
        "date": "2024-09-06T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:14322-1",
      "initial_release_date": "2024-09-06T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-09-06T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "expat-2.6.3-1.1.aarch64",
                "product": {
                  "name": "expat-2.6.3-1.1.aarch64",
                  "product_id": "expat-2.6.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libexpat-devel-2.6.3-1.1.aarch64",
                "product": {
                  "name": "libexpat-devel-2.6.3-1.1.aarch64",
                  "product_id": "libexpat-devel-2.6.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libexpat-devel-32bit-2.6.3-1.1.aarch64",
                "product": {
                  "name": "libexpat-devel-32bit-2.6.3-1.1.aarch64",
                  "product_id": "libexpat-devel-32bit-2.6.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libexpat1-2.6.3-1.1.aarch64",
                "product": {
                  "name": "libexpat1-2.6.3-1.1.aarch64",
                  "product_id": "libexpat1-2.6.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libexpat1-32bit-2.6.3-1.1.aarch64",
                "product": {
                  "name": "libexpat1-32bit-2.6.3-1.1.aarch64",
                  "product_id": "libexpat1-32bit-2.6.3-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "expat-2.6.3-1.1.ppc64le",
                "product": {
                  "name": "expat-2.6.3-1.1.ppc64le",
                  "product_id": "expat-2.6.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libexpat-devel-2.6.3-1.1.ppc64le",
                "product": {
                  "name": "libexpat-devel-2.6.3-1.1.ppc64le",
                  "product_id": "libexpat-devel-2.6.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libexpat-devel-32bit-2.6.3-1.1.ppc64le",
                "product": {
                  "name": "libexpat-devel-32bit-2.6.3-1.1.ppc64le",
                  "product_id": "libexpat-devel-32bit-2.6.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libexpat1-2.6.3-1.1.ppc64le",
                "product": {
                  "name": "libexpat1-2.6.3-1.1.ppc64le",
                  "product_id": "libexpat1-2.6.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libexpat1-32bit-2.6.3-1.1.ppc64le",
                "product": {
                  "name": "libexpat1-32bit-2.6.3-1.1.ppc64le",
                  "product_id": "libexpat1-32bit-2.6.3-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "expat-2.6.3-1.1.s390x",
                "product": {
                  "name": "expat-2.6.3-1.1.s390x",
                  "product_id": "expat-2.6.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libexpat-devel-2.6.3-1.1.s390x",
                "product": {
                  "name": "libexpat-devel-2.6.3-1.1.s390x",
                  "product_id": "libexpat-devel-2.6.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libexpat-devel-32bit-2.6.3-1.1.s390x",
                "product": {
                  "name": "libexpat-devel-32bit-2.6.3-1.1.s390x",
                  "product_id": "libexpat-devel-32bit-2.6.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libexpat1-2.6.3-1.1.s390x",
                "product": {
                  "name": "libexpat1-2.6.3-1.1.s390x",
                  "product_id": "libexpat1-2.6.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libexpat1-32bit-2.6.3-1.1.s390x",
                "product": {
                  "name": "libexpat1-32bit-2.6.3-1.1.s390x",
                  "product_id": "libexpat1-32bit-2.6.3-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "expat-2.6.3-1.1.x86_64",
                "product": {
                  "name": "expat-2.6.3-1.1.x86_64",
                  "product_id": "expat-2.6.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libexpat-devel-2.6.3-1.1.x86_64",
                "product": {
                  "name": "libexpat-devel-2.6.3-1.1.x86_64",
                  "product_id": "libexpat-devel-2.6.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libexpat-devel-32bit-2.6.3-1.1.x86_64",
                "product": {
                  "name": "libexpat-devel-32bit-2.6.3-1.1.x86_64",
                  "product_id": "libexpat-devel-32bit-2.6.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libexpat1-2.6.3-1.1.x86_64",
                "product": {
                  "name": "libexpat1-2.6.3-1.1.x86_64",
                  "product_id": "libexpat1-2.6.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libexpat1-32bit-2.6.3-1.1.x86_64",
                "product": {
                  "name": "libexpat1-32bit-2.6.3-1.1.x86_64",
                  "product_id": "libexpat1-32bit-2.6.3-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-2.6.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:expat-2.6.3-1.1.aarch64"
        },
        "product_reference": "expat-2.6.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-2.6.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:expat-2.6.3-1.1.ppc64le"
        },
        "product_reference": "expat-2.6.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-2.6.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:expat-2.6.3-1.1.s390x"
        },
        "product_reference": "expat-2.6.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-2.6.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:expat-2.6.3-1.1.x86_64"
        },
        "product_reference": "expat-2.6.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libexpat-devel-2.6.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.aarch64"
        },
        "product_reference": "libexpat-devel-2.6.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libexpat-devel-2.6.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.ppc64le"
        },
        "product_reference": "libexpat-devel-2.6.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libexpat-devel-2.6.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.s390x"
        },
        "product_reference": "libexpat-devel-2.6.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libexpat-devel-2.6.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.x86_64"
        },
        "product_reference": "libexpat-devel-2.6.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libexpat-devel-32bit-2.6.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.aarch64"
        },
        "product_reference": "libexpat-devel-32bit-2.6.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libexpat-devel-32bit-2.6.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.ppc64le"
        },
        "product_reference": "libexpat-devel-32bit-2.6.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libexpat-devel-32bit-2.6.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.s390x"
        },
        "product_reference": "libexpat-devel-32bit-2.6.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libexpat-devel-32bit-2.6.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.x86_64"
        },
        "product_reference": "libexpat-devel-32bit-2.6.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libexpat1-2.6.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libexpat1-2.6.3-1.1.aarch64"
        },
        "product_reference": "libexpat1-2.6.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libexpat1-2.6.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libexpat1-2.6.3-1.1.ppc64le"
        },
        "product_reference": "libexpat1-2.6.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libexpat1-2.6.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libexpat1-2.6.3-1.1.s390x"
        },
        "product_reference": "libexpat1-2.6.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libexpat1-2.6.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libexpat1-2.6.3-1.1.x86_64"
        },
        "product_reference": "libexpat1-2.6.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libexpat1-32bit-2.6.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.aarch64"
        },
        "product_reference": "libexpat1-32bit-2.6.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libexpat1-32bit-2.6.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.ppc64le"
        },
        "product_reference": "libexpat1-32bit-2.6.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libexpat1-32bit-2.6.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.s390x"
        },
        "product_reference": "libexpat1-32bit-2.6.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libexpat1-32bit-2.6.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.x86_64"
        },
        "product_reference": "libexpat1-32bit-2.6.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-45490",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-45490"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:expat-2.6.3-1.1.aarch64",
          "openSUSE Tumbleweed:expat-2.6.3-1.1.ppc64le",
          "openSUSE Tumbleweed:expat-2.6.3-1.1.s390x",
          "openSUSE Tumbleweed:expat-2.6.3-1.1.x86_64",
          "openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.aarch64",
          "openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.s390x",
          "openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.x86_64",
          "openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.aarch64",
          "openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.s390x",
          "openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.x86_64",
          "openSUSE Tumbleweed:libexpat1-2.6.3-1.1.aarch64",
          "openSUSE Tumbleweed:libexpat1-2.6.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libexpat1-2.6.3-1.1.s390x",
          "openSUSE Tumbleweed:libexpat1-2.6.3-1.1.x86_64",
          "openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.aarch64",
          "openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.s390x",
          "openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-45490",
          "url": "https://www.suse.com/security/cve/CVE-2024-45490"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229930 for CVE-2024-45490",
          "url": "https://bugzilla.suse.com/1229930"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229962 for CVE-2024-45490",
          "url": "https://bugzilla.suse.com/1229962"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:expat-2.6.3-1.1.aarch64",
            "openSUSE Tumbleweed:expat-2.6.3-1.1.ppc64le",
            "openSUSE Tumbleweed:expat-2.6.3-1.1.s390x",
            "openSUSE Tumbleweed:expat-2.6.3-1.1.x86_64",
            "openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.aarch64",
            "openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.s390x",
            "openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.x86_64",
            "openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.aarch64",
            "openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.s390x",
            "openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.x86_64",
            "openSUSE Tumbleweed:libexpat1-2.6.3-1.1.aarch64",
            "openSUSE Tumbleweed:libexpat1-2.6.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libexpat1-2.6.3-1.1.s390x",
            "openSUSE Tumbleweed:libexpat1-2.6.3-1.1.x86_64",
            "openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.aarch64",
            "openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.s390x",
            "openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:expat-2.6.3-1.1.aarch64",
            "openSUSE Tumbleweed:expat-2.6.3-1.1.ppc64le",
            "openSUSE Tumbleweed:expat-2.6.3-1.1.s390x",
            "openSUSE Tumbleweed:expat-2.6.3-1.1.x86_64",
            "openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.aarch64",
            "openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.s390x",
            "openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.x86_64",
            "openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.aarch64",
            "openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.s390x",
            "openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.x86_64",
            "openSUSE Tumbleweed:libexpat1-2.6.3-1.1.aarch64",
            "openSUSE Tumbleweed:libexpat1-2.6.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libexpat1-2.6.3-1.1.s390x",
            "openSUSE Tumbleweed:libexpat1-2.6.3-1.1.x86_64",
            "openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.aarch64",
            "openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.s390x",
            "openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-09-06T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-45490"
    },
    {
      "cve": "CVE-2024-45491",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-45491"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:expat-2.6.3-1.1.aarch64",
          "openSUSE Tumbleweed:expat-2.6.3-1.1.ppc64le",
          "openSUSE Tumbleweed:expat-2.6.3-1.1.s390x",
          "openSUSE Tumbleweed:expat-2.6.3-1.1.x86_64",
          "openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.aarch64",
          "openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.s390x",
          "openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.x86_64",
          "openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.aarch64",
          "openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.s390x",
          "openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.x86_64",
          "openSUSE Tumbleweed:libexpat1-2.6.3-1.1.aarch64",
          "openSUSE Tumbleweed:libexpat1-2.6.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libexpat1-2.6.3-1.1.s390x",
          "openSUSE Tumbleweed:libexpat1-2.6.3-1.1.x86_64",
          "openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.aarch64",
          "openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.s390x",
          "openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-45491",
          "url": "https://www.suse.com/security/cve/CVE-2024-45491"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229930 for CVE-2024-45491",
          "url": "https://bugzilla.suse.com/1229930"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229931 for CVE-2024-45491",
          "url": "https://bugzilla.suse.com/1229931"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:expat-2.6.3-1.1.aarch64",
            "openSUSE Tumbleweed:expat-2.6.3-1.1.ppc64le",
            "openSUSE Tumbleweed:expat-2.6.3-1.1.s390x",
            "openSUSE Tumbleweed:expat-2.6.3-1.1.x86_64",
            "openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.aarch64",
            "openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.s390x",
            "openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.x86_64",
            "openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.aarch64",
            "openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.s390x",
            "openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.x86_64",
            "openSUSE Tumbleweed:libexpat1-2.6.3-1.1.aarch64",
            "openSUSE Tumbleweed:libexpat1-2.6.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libexpat1-2.6.3-1.1.s390x",
            "openSUSE Tumbleweed:libexpat1-2.6.3-1.1.x86_64",
            "openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.aarch64",
            "openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.s390x",
            "openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:expat-2.6.3-1.1.aarch64",
            "openSUSE Tumbleweed:expat-2.6.3-1.1.ppc64le",
            "openSUSE Tumbleweed:expat-2.6.3-1.1.s390x",
            "openSUSE Tumbleweed:expat-2.6.3-1.1.x86_64",
            "openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.aarch64",
            "openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.s390x",
            "openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.x86_64",
            "openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.aarch64",
            "openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.s390x",
            "openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.x86_64",
            "openSUSE Tumbleweed:libexpat1-2.6.3-1.1.aarch64",
            "openSUSE Tumbleweed:libexpat1-2.6.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libexpat1-2.6.3-1.1.s390x",
            "openSUSE Tumbleweed:libexpat1-2.6.3-1.1.x86_64",
            "openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.aarch64",
            "openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.s390x",
            "openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-09-06T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-45491"
    },
    {
      "cve": "CVE-2024-45492",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-45492"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:expat-2.6.3-1.1.aarch64",
          "openSUSE Tumbleweed:expat-2.6.3-1.1.ppc64le",
          "openSUSE Tumbleweed:expat-2.6.3-1.1.s390x",
          "openSUSE Tumbleweed:expat-2.6.3-1.1.x86_64",
          "openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.aarch64",
          "openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.s390x",
          "openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.x86_64",
          "openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.aarch64",
          "openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.s390x",
          "openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.x86_64",
          "openSUSE Tumbleweed:libexpat1-2.6.3-1.1.aarch64",
          "openSUSE Tumbleweed:libexpat1-2.6.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libexpat1-2.6.3-1.1.s390x",
          "openSUSE Tumbleweed:libexpat1-2.6.3-1.1.x86_64",
          "openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.aarch64",
          "openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.s390x",
          "openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-45492",
          "url": "https://www.suse.com/security/cve/CVE-2024-45492"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229930 for CVE-2024-45492",
          "url": "https://bugzilla.suse.com/1229930"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229932 for CVE-2024-45492",
          "url": "https://bugzilla.suse.com/1229932"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229964 for CVE-2024-45492",
          "url": "https://bugzilla.suse.com/1229964"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:expat-2.6.3-1.1.aarch64",
            "openSUSE Tumbleweed:expat-2.6.3-1.1.ppc64le",
            "openSUSE Tumbleweed:expat-2.6.3-1.1.s390x",
            "openSUSE Tumbleweed:expat-2.6.3-1.1.x86_64",
            "openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.aarch64",
            "openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.s390x",
            "openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.x86_64",
            "openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.aarch64",
            "openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.s390x",
            "openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.x86_64",
            "openSUSE Tumbleweed:libexpat1-2.6.3-1.1.aarch64",
            "openSUSE Tumbleweed:libexpat1-2.6.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libexpat1-2.6.3-1.1.s390x",
            "openSUSE Tumbleweed:libexpat1-2.6.3-1.1.x86_64",
            "openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.aarch64",
            "openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.s390x",
            "openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:expat-2.6.3-1.1.aarch64",
            "openSUSE Tumbleweed:expat-2.6.3-1.1.ppc64le",
            "openSUSE Tumbleweed:expat-2.6.3-1.1.s390x",
            "openSUSE Tumbleweed:expat-2.6.3-1.1.x86_64",
            "openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.aarch64",
            "openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.s390x",
            "openSUSE Tumbleweed:libexpat-devel-2.6.3-1.1.x86_64",
            "openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.aarch64",
            "openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.s390x",
            "openSUSE Tumbleweed:libexpat-devel-32bit-2.6.3-1.1.x86_64",
            "openSUSE Tumbleweed:libexpat1-2.6.3-1.1.aarch64",
            "openSUSE Tumbleweed:libexpat1-2.6.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libexpat1-2.6.3-1.1.s390x",
            "openSUSE Tumbleweed:libexpat1-2.6.3-1.1.x86_64",
            "openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.aarch64",
            "openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.s390x",
            "openSUSE Tumbleweed:libexpat1-32bit-2.6.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-09-06T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-45492"
    }
  ]
}

OPENSUSE-SU-2024:14328-1

Vulnerability from csaf_opensuse - Published: 2024-09-09 00:00 - Updated: 2024-09-09 00:00

Summary

x3270-4.3-4.1 on GA media

Severity

Moderate

Notes

Title of the patch: x3270-4.3-4.1 on GA media

Description of the patch: These are all security issues fixed in the x3270-4.3-4.1 package on the GA media of openSUSE Tumbleweed.

Patchnames: openSUSE-Tumbleweed-2024-14328

CVE-2024-45490

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:x3270-4.3-4.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:x3270-4.3-4.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:x3270-4.3-4.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:x3270-4.3-4.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2024-45491

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:x3270-4.3-4.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:x3270-4.3-4.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:x3270-4.3-4.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:x3270-4.3-4.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2024-45492

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:x3270-4.3-4.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:x3270-4.3-4.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:x3270-4.3-4.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:x3270-4.3-4.1.x86_64	—	Vendor Fix

Threats

Impact moderate

References

15 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/o…	self
https://www.suse.com/security/cve/CVE-2024-45490/	self
https://www.suse.com/security/cve/CVE-2024-45491/	self
https://www.suse.com/security/cve/CVE-2024-45492/	self
https://www.suse.com/security/cve/CVE-2024-45490	external
https://bugzilla.suse.com/1229930	external
https://bugzilla.suse.com/1229962	external
https://www.suse.com/security/cve/CVE-2024-45491	external
https://bugzilla.suse.com/1229930	external
https://bugzilla.suse.com/1229931	external
https://www.suse.com/security/cve/CVE-2024-45492	external
https://bugzilla.suse.com/1229930	external
https://bugzilla.suse.com/1229932	external
https://bugzilla.suse.com/1229964	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "x3270-4.3-4.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the x3270-4.3-4.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-14328",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14328-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-45490 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-45490/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-45491 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-45491/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-45492 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-45492/"
      }
    ],
    "title": "x3270-4.3-4.1 on GA media",
    "tracking": {
      "current_release_date": "2024-09-09T00:00:00Z",
      "generator": {
        "date": "2024-09-09T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:14328-1",
      "initial_release_date": "2024-09-09T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-09-09T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "x3270-4.3-4.1.aarch64",
                "product": {
                  "name": "x3270-4.3-4.1.aarch64",
                  "product_id": "x3270-4.3-4.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "x3270-4.3-4.1.ppc64le",
                "product": {
                  "name": "x3270-4.3-4.1.ppc64le",
                  "product_id": "x3270-4.3-4.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "x3270-4.3-4.1.s390x",
                "product": {
                  "name": "x3270-4.3-4.1.s390x",
                  "product_id": "x3270-4.3-4.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "x3270-4.3-4.1.x86_64",
                "product": {
                  "name": "x3270-4.3-4.1.x86_64",
                  "product_id": "x3270-4.3-4.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "x3270-4.3-4.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:x3270-4.3-4.1.aarch64"
        },
        "product_reference": "x3270-4.3-4.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "x3270-4.3-4.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:x3270-4.3-4.1.ppc64le"
        },
        "product_reference": "x3270-4.3-4.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "x3270-4.3-4.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:x3270-4.3-4.1.s390x"
        },
        "product_reference": "x3270-4.3-4.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "x3270-4.3-4.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:x3270-4.3-4.1.x86_64"
        },
        "product_reference": "x3270-4.3-4.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-45490",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-45490"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:x3270-4.3-4.1.aarch64",
          "openSUSE Tumbleweed:x3270-4.3-4.1.ppc64le",
          "openSUSE Tumbleweed:x3270-4.3-4.1.s390x",
          "openSUSE Tumbleweed:x3270-4.3-4.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-45490",
          "url": "https://www.suse.com/security/cve/CVE-2024-45490"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229930 for CVE-2024-45490",
          "url": "https://bugzilla.suse.com/1229930"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229962 for CVE-2024-45490",
          "url": "https://bugzilla.suse.com/1229962"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:x3270-4.3-4.1.aarch64",
            "openSUSE Tumbleweed:x3270-4.3-4.1.ppc64le",
            "openSUSE Tumbleweed:x3270-4.3-4.1.s390x",
            "openSUSE Tumbleweed:x3270-4.3-4.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:x3270-4.3-4.1.aarch64",
            "openSUSE Tumbleweed:x3270-4.3-4.1.ppc64le",
            "openSUSE Tumbleweed:x3270-4.3-4.1.s390x",
            "openSUSE Tumbleweed:x3270-4.3-4.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-09-09T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-45490"
    },
    {
      "cve": "CVE-2024-45491",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-45491"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:x3270-4.3-4.1.aarch64",
          "openSUSE Tumbleweed:x3270-4.3-4.1.ppc64le",
          "openSUSE Tumbleweed:x3270-4.3-4.1.s390x",
          "openSUSE Tumbleweed:x3270-4.3-4.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-45491",
          "url": "https://www.suse.com/security/cve/CVE-2024-45491"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229930 for CVE-2024-45491",
          "url": "https://bugzilla.suse.com/1229930"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229931 for CVE-2024-45491",
          "url": "https://bugzilla.suse.com/1229931"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:x3270-4.3-4.1.aarch64",
            "openSUSE Tumbleweed:x3270-4.3-4.1.ppc64le",
            "openSUSE Tumbleweed:x3270-4.3-4.1.s390x",
            "openSUSE Tumbleweed:x3270-4.3-4.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:x3270-4.3-4.1.aarch64",
            "openSUSE Tumbleweed:x3270-4.3-4.1.ppc64le",
            "openSUSE Tumbleweed:x3270-4.3-4.1.s390x",
            "openSUSE Tumbleweed:x3270-4.3-4.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-09-09T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-45491"
    },
    {
      "cve": "CVE-2024-45492",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-45492"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:x3270-4.3-4.1.aarch64",
          "openSUSE Tumbleweed:x3270-4.3-4.1.ppc64le",
          "openSUSE Tumbleweed:x3270-4.3-4.1.s390x",
          "openSUSE Tumbleweed:x3270-4.3-4.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-45492",
          "url": "https://www.suse.com/security/cve/CVE-2024-45492"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229930 for CVE-2024-45492",
          "url": "https://bugzilla.suse.com/1229930"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229932 for CVE-2024-45492",
          "url": "https://bugzilla.suse.com/1229932"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229964 for CVE-2024-45492",
          "url": "https://bugzilla.suse.com/1229964"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:x3270-4.3-4.1.aarch64",
            "openSUSE Tumbleweed:x3270-4.3-4.1.ppc64le",
            "openSUSE Tumbleweed:x3270-4.3-4.1.s390x",
            "openSUSE Tumbleweed:x3270-4.3-4.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:x3270-4.3-4.1.aarch64",
            "openSUSE Tumbleweed:x3270-4.3-4.1.ppc64le",
            "openSUSE Tumbleweed:x3270-4.3-4.1.s390x",
            "openSUSE Tumbleweed:x3270-4.3-4.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-09-09T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-45492"
    }
  ]
}

OPENSUSE-SU-2024:14379-1

Vulnerability from csaf_opensuse - Published: 2024-10-02 00:00 - Updated: 2024-10-02 00:00

Summary

libmozjs-115-0-115.4.0-5.1 on GA media

Severity

Moderate

Notes

Title of the patch: libmozjs-115-0-115.4.0-5.1 on GA media

Description of the patch: These are all security issues fixed in the libmozjs-115-0-115.4.0-5.1 package on the GA media of openSUSE Tumbleweed.

Patchnames: openSUSE-Tumbleweed-2024-14379

CVE-2024-45490

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs115-115.4.0-5.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs115-115.4.0-5.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs115-115.4.0-5.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs115-115.4.0-5.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2024-45491

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs115-115.4.0-5.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs115-115.4.0-5.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs115-115.4.0-5.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs115-115.4.0-5.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2024-45492

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs115-115.4.0-5.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs115-115.4.0-5.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs115-115.4.0-5.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs115-115.4.0-5.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.x86_64	—	Vendor Fix

Threats

Impact moderate

References

17 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/o…	self
https://lists.opensuse.org/archives/list/security…	self
https://lists.opensuse.org/archives/list/security…	self
https://www.suse.com/security/cve/CVE-2024-45490/	self
https://www.suse.com/security/cve/CVE-2024-45491/	self
https://www.suse.com/security/cve/CVE-2024-45492/	self
https://www.suse.com/security/cve/CVE-2024-45490	external
https://bugzilla.suse.com/1229930	external
https://bugzilla.suse.com/1229962	external
https://www.suse.com/security/cve/CVE-2024-45491	external
https://bugzilla.suse.com/1229930	external
https://bugzilla.suse.com/1229931	external
https://www.suse.com/security/cve/CVE-2024-45492	external
https://bugzilla.suse.com/1229930	external
https://bugzilla.suse.com/1229932	external
https://bugzilla.suse.com/1229964	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "libmozjs-115-0-115.4.0-5.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the libmozjs-115-0-115.4.0-5.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-14379",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14379-1.json"
      },
      {
        "category": "self",
        "summary": "URL for openSUSE-SU-2024:14379-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NTUXDK3N23TI6WAE5SOEDJKD7NIASPBG/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for openSUSE-SU-2024:14379-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NTUXDK3N23TI6WAE5SOEDJKD7NIASPBG/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-45490 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-45490/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-45491 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-45491/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-45492 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-45492/"
      }
    ],
    "title": "libmozjs-115-0-115.4.0-5.1 on GA media",
    "tracking": {
      "current_release_date": "2024-10-02T00:00:00Z",
      "generator": {
        "date": "2024-10-02T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:14379-1",
      "initial_release_date": "2024-10-02T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-10-02T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libmozjs-115-0-115.4.0-5.1.aarch64",
                "product": {
                  "name": "libmozjs-115-0-115.4.0-5.1.aarch64",
                  "product_id": "libmozjs-115-0-115.4.0-5.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "mozjs115-115.4.0-5.1.aarch64",
                "product": {
                  "name": "mozjs115-115.4.0-5.1.aarch64",
                  "product_id": "mozjs115-115.4.0-5.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "mozjs115-devel-115.4.0-5.1.aarch64",
                "product": {
                  "name": "mozjs115-devel-115.4.0-5.1.aarch64",
                  "product_id": "mozjs115-devel-115.4.0-5.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libmozjs-115-0-115.4.0-5.1.ppc64le",
                "product": {
                  "name": "libmozjs-115-0-115.4.0-5.1.ppc64le",
                  "product_id": "libmozjs-115-0-115.4.0-5.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "mozjs115-115.4.0-5.1.ppc64le",
                "product": {
                  "name": "mozjs115-115.4.0-5.1.ppc64le",
                  "product_id": "mozjs115-115.4.0-5.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "mozjs115-devel-115.4.0-5.1.ppc64le",
                "product": {
                  "name": "mozjs115-devel-115.4.0-5.1.ppc64le",
                  "product_id": "mozjs115-devel-115.4.0-5.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libmozjs-115-0-115.4.0-5.1.s390x",
                "product": {
                  "name": "libmozjs-115-0-115.4.0-5.1.s390x",
                  "product_id": "libmozjs-115-0-115.4.0-5.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "mozjs115-115.4.0-5.1.s390x",
                "product": {
                  "name": "mozjs115-115.4.0-5.1.s390x",
                  "product_id": "mozjs115-115.4.0-5.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "mozjs115-devel-115.4.0-5.1.s390x",
                "product": {
                  "name": "mozjs115-devel-115.4.0-5.1.s390x",
                  "product_id": "mozjs115-devel-115.4.0-5.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libmozjs-115-0-115.4.0-5.1.x86_64",
                "product": {
                  "name": "libmozjs-115-0-115.4.0-5.1.x86_64",
                  "product_id": "libmozjs-115-0-115.4.0-5.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "mozjs115-115.4.0-5.1.x86_64",
                "product": {
                  "name": "mozjs115-115.4.0-5.1.x86_64",
                  "product_id": "mozjs115-115.4.0-5.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "mozjs115-devel-115.4.0-5.1.x86_64",
                "product": {
                  "name": "mozjs115-devel-115.4.0-5.1.x86_64",
                  "product_id": "mozjs115-devel-115.4.0-5.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libmozjs-115-0-115.4.0-5.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.aarch64"
        },
        "product_reference": "libmozjs-115-0-115.4.0-5.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libmozjs-115-0-115.4.0-5.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.ppc64le"
        },
        "product_reference": "libmozjs-115-0-115.4.0-5.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libmozjs-115-0-115.4.0-5.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.s390x"
        },
        "product_reference": "libmozjs-115-0-115.4.0-5.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libmozjs-115-0-115.4.0-5.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.x86_64"
        },
        "product_reference": "libmozjs-115-0-115.4.0-5.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mozjs115-115.4.0-5.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:mozjs115-115.4.0-5.1.aarch64"
        },
        "product_reference": "mozjs115-115.4.0-5.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mozjs115-115.4.0-5.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:mozjs115-115.4.0-5.1.ppc64le"
        },
        "product_reference": "mozjs115-115.4.0-5.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mozjs115-115.4.0-5.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:mozjs115-115.4.0-5.1.s390x"
        },
        "product_reference": "mozjs115-115.4.0-5.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mozjs115-115.4.0-5.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:mozjs115-115.4.0-5.1.x86_64"
        },
        "product_reference": "mozjs115-115.4.0-5.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mozjs115-devel-115.4.0-5.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.aarch64"
        },
        "product_reference": "mozjs115-devel-115.4.0-5.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mozjs115-devel-115.4.0-5.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.ppc64le"
        },
        "product_reference": "mozjs115-devel-115.4.0-5.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mozjs115-devel-115.4.0-5.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.s390x"
        },
        "product_reference": "mozjs115-devel-115.4.0-5.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mozjs115-devel-115.4.0-5.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.x86_64"
        },
        "product_reference": "mozjs115-devel-115.4.0-5.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-45490",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-45490"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.aarch64",
          "openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.ppc64le",
          "openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.s390x",
          "openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.x86_64",
          "openSUSE Tumbleweed:mozjs115-115.4.0-5.1.aarch64",
          "openSUSE Tumbleweed:mozjs115-115.4.0-5.1.ppc64le",
          "openSUSE Tumbleweed:mozjs115-115.4.0-5.1.s390x",
          "openSUSE Tumbleweed:mozjs115-115.4.0-5.1.x86_64",
          "openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.aarch64",
          "openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.ppc64le",
          "openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.s390x",
          "openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-45490",
          "url": "https://www.suse.com/security/cve/CVE-2024-45490"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229930 for CVE-2024-45490",
          "url": "https://bugzilla.suse.com/1229930"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229962 for CVE-2024-45490",
          "url": "https://bugzilla.suse.com/1229962"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.aarch64",
            "openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.ppc64le",
            "openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.s390x",
            "openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.x86_64",
            "openSUSE Tumbleweed:mozjs115-115.4.0-5.1.aarch64",
            "openSUSE Tumbleweed:mozjs115-115.4.0-5.1.ppc64le",
            "openSUSE Tumbleweed:mozjs115-115.4.0-5.1.s390x",
            "openSUSE Tumbleweed:mozjs115-115.4.0-5.1.x86_64",
            "openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.aarch64",
            "openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.ppc64le",
            "openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.s390x",
            "openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.aarch64",
            "openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.ppc64le",
            "openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.s390x",
            "openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.x86_64",
            "openSUSE Tumbleweed:mozjs115-115.4.0-5.1.aarch64",
            "openSUSE Tumbleweed:mozjs115-115.4.0-5.1.ppc64le",
            "openSUSE Tumbleweed:mozjs115-115.4.0-5.1.s390x",
            "openSUSE Tumbleweed:mozjs115-115.4.0-5.1.x86_64",
            "openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.aarch64",
            "openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.ppc64le",
            "openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.s390x",
            "openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-10-02T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-45490"
    },
    {
      "cve": "CVE-2024-45491",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-45491"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.aarch64",
          "openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.ppc64le",
          "openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.s390x",
          "openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.x86_64",
          "openSUSE Tumbleweed:mozjs115-115.4.0-5.1.aarch64",
          "openSUSE Tumbleweed:mozjs115-115.4.0-5.1.ppc64le",
          "openSUSE Tumbleweed:mozjs115-115.4.0-5.1.s390x",
          "openSUSE Tumbleweed:mozjs115-115.4.0-5.1.x86_64",
          "openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.aarch64",
          "openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.ppc64le",
          "openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.s390x",
          "openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-45491",
          "url": "https://www.suse.com/security/cve/CVE-2024-45491"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229930 for CVE-2024-45491",
          "url": "https://bugzilla.suse.com/1229930"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229931 for CVE-2024-45491",
          "url": "https://bugzilla.suse.com/1229931"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.aarch64",
            "openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.ppc64le",
            "openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.s390x",
            "openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.x86_64",
            "openSUSE Tumbleweed:mozjs115-115.4.0-5.1.aarch64",
            "openSUSE Tumbleweed:mozjs115-115.4.0-5.1.ppc64le",
            "openSUSE Tumbleweed:mozjs115-115.4.0-5.1.s390x",
            "openSUSE Tumbleweed:mozjs115-115.4.0-5.1.x86_64",
            "openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.aarch64",
            "openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.ppc64le",
            "openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.s390x",
            "openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.aarch64",
            "openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.ppc64le",
            "openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.s390x",
            "openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.x86_64",
            "openSUSE Tumbleweed:mozjs115-115.4.0-5.1.aarch64",
            "openSUSE Tumbleweed:mozjs115-115.4.0-5.1.ppc64le",
            "openSUSE Tumbleweed:mozjs115-115.4.0-5.1.s390x",
            "openSUSE Tumbleweed:mozjs115-115.4.0-5.1.x86_64",
            "openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.aarch64",
            "openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.ppc64le",
            "openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.s390x",
            "openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-10-02T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-45491"
    },
    {
      "cve": "CVE-2024-45492",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-45492"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.aarch64",
          "openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.ppc64le",
          "openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.s390x",
          "openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.x86_64",
          "openSUSE Tumbleweed:mozjs115-115.4.0-5.1.aarch64",
          "openSUSE Tumbleweed:mozjs115-115.4.0-5.1.ppc64le",
          "openSUSE Tumbleweed:mozjs115-115.4.0-5.1.s390x",
          "openSUSE Tumbleweed:mozjs115-115.4.0-5.1.x86_64",
          "openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.aarch64",
          "openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.ppc64le",
          "openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.s390x",
          "openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-45492",
          "url": "https://www.suse.com/security/cve/CVE-2024-45492"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229930 for CVE-2024-45492",
          "url": "https://bugzilla.suse.com/1229930"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229932 for CVE-2024-45492",
          "url": "https://bugzilla.suse.com/1229932"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229964 for CVE-2024-45492",
          "url": "https://bugzilla.suse.com/1229964"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.aarch64",
            "openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.ppc64le",
            "openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.s390x",
            "openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.x86_64",
            "openSUSE Tumbleweed:mozjs115-115.4.0-5.1.aarch64",
            "openSUSE Tumbleweed:mozjs115-115.4.0-5.1.ppc64le",
            "openSUSE Tumbleweed:mozjs115-115.4.0-5.1.s390x",
            "openSUSE Tumbleweed:mozjs115-115.4.0-5.1.x86_64",
            "openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.aarch64",
            "openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.ppc64le",
            "openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.s390x",
            "openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.aarch64",
            "openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.ppc64le",
            "openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.s390x",
            "openSUSE Tumbleweed:libmozjs-115-0-115.4.0-5.1.x86_64",
            "openSUSE Tumbleweed:mozjs115-115.4.0-5.1.aarch64",
            "openSUSE Tumbleweed:mozjs115-115.4.0-5.1.ppc64le",
            "openSUSE Tumbleweed:mozjs115-115.4.0-5.1.s390x",
            "openSUSE Tumbleweed:mozjs115-115.4.0-5.1.x86_64",
            "openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.aarch64",
            "openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.ppc64le",
            "openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.s390x",
            "openSUSE Tumbleweed:mozjs115-devel-115.4.0-5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-10-02T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-45492"
    }
  ]
}

OPENSUSE-SU-2024:14380-1

Vulnerability from csaf_opensuse - Published: 2024-10-02 00:00 - Updated: 2024-10-02 00:00

Summary

libmozjs-128-0-128.2.0-2.1 on GA media

Severity

Moderate

Notes

Title of the patch: libmozjs-128-0-128.2.0-2.1 on GA media

Description of the patch: These are all security issues fixed in the libmozjs-128-0-128.2.0-2.1 package on the GA media of openSUSE Tumbleweed.

Patchnames: openSUSE-Tumbleweed-2024-14380

CVE-2024-45490

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs128-128.2.0-2.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs128-128.2.0-2.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs128-128.2.0-2.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs128-128.2.0-2.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2024-45491

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs128-128.2.0-2.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs128-128.2.0-2.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs128-128.2.0-2.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs128-128.2.0-2.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2024-45492

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs128-128.2.0-2.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs128-128.2.0-2.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs128-128.2.0-2.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs128-128.2.0-2.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.x86_64	—	Vendor Fix

Threats

Impact moderate

References

17 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/o…	self
https://lists.opensuse.org/archives/list/security…	self
https://lists.opensuse.org/archives/list/security…	self
https://www.suse.com/security/cve/CVE-2024-45490/	self
https://www.suse.com/security/cve/CVE-2024-45491/	self
https://www.suse.com/security/cve/CVE-2024-45492/	self
https://www.suse.com/security/cve/CVE-2024-45490	external
https://bugzilla.suse.com/1229930	external
https://bugzilla.suse.com/1229962	external
https://www.suse.com/security/cve/CVE-2024-45491	external
https://bugzilla.suse.com/1229930	external
https://bugzilla.suse.com/1229931	external
https://www.suse.com/security/cve/CVE-2024-45492	external
https://bugzilla.suse.com/1229930	external
https://bugzilla.suse.com/1229932	external
https://bugzilla.suse.com/1229964	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "libmozjs-128-0-128.2.0-2.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the libmozjs-128-0-128.2.0-2.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-14380",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14380-1.json"
      },
      {
        "category": "self",
        "summary": "URL for openSUSE-SU-2024:14380-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TAIATV7O5IGNWF5QEG55GA3DNAVFOJWG/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for openSUSE-SU-2024:14380-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TAIATV7O5IGNWF5QEG55GA3DNAVFOJWG/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-45490 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-45490/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-45491 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-45491/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-45492 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-45492/"
      }
    ],
    "title": "libmozjs-128-0-128.2.0-2.1 on GA media",
    "tracking": {
      "current_release_date": "2024-10-02T00:00:00Z",
      "generator": {
        "date": "2024-10-02T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:14380-1",
      "initial_release_date": "2024-10-02T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-10-02T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libmozjs-128-0-128.2.0-2.1.aarch64",
                "product": {
                  "name": "libmozjs-128-0-128.2.0-2.1.aarch64",
                  "product_id": "libmozjs-128-0-128.2.0-2.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "mozjs128-128.2.0-2.1.aarch64",
                "product": {
                  "name": "mozjs128-128.2.0-2.1.aarch64",
                  "product_id": "mozjs128-128.2.0-2.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "mozjs128-devel-128.2.0-2.1.aarch64",
                "product": {
                  "name": "mozjs128-devel-128.2.0-2.1.aarch64",
                  "product_id": "mozjs128-devel-128.2.0-2.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libmozjs-128-0-128.2.0-2.1.ppc64le",
                "product": {
                  "name": "libmozjs-128-0-128.2.0-2.1.ppc64le",
                  "product_id": "libmozjs-128-0-128.2.0-2.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "mozjs128-128.2.0-2.1.ppc64le",
                "product": {
                  "name": "mozjs128-128.2.0-2.1.ppc64le",
                  "product_id": "mozjs128-128.2.0-2.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "mozjs128-devel-128.2.0-2.1.ppc64le",
                "product": {
                  "name": "mozjs128-devel-128.2.0-2.1.ppc64le",
                  "product_id": "mozjs128-devel-128.2.0-2.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libmozjs-128-0-128.2.0-2.1.s390x",
                "product": {
                  "name": "libmozjs-128-0-128.2.0-2.1.s390x",
                  "product_id": "libmozjs-128-0-128.2.0-2.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "mozjs128-128.2.0-2.1.s390x",
                "product": {
                  "name": "mozjs128-128.2.0-2.1.s390x",
                  "product_id": "mozjs128-128.2.0-2.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "mozjs128-devel-128.2.0-2.1.s390x",
                "product": {
                  "name": "mozjs128-devel-128.2.0-2.1.s390x",
                  "product_id": "mozjs128-devel-128.2.0-2.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libmozjs-128-0-128.2.0-2.1.x86_64",
                "product": {
                  "name": "libmozjs-128-0-128.2.0-2.1.x86_64",
                  "product_id": "libmozjs-128-0-128.2.0-2.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "mozjs128-128.2.0-2.1.x86_64",
                "product": {
                  "name": "mozjs128-128.2.0-2.1.x86_64",
                  "product_id": "mozjs128-128.2.0-2.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "mozjs128-devel-128.2.0-2.1.x86_64",
                "product": {
                  "name": "mozjs128-devel-128.2.0-2.1.x86_64",
                  "product_id": "mozjs128-devel-128.2.0-2.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libmozjs-128-0-128.2.0-2.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.aarch64"
        },
        "product_reference": "libmozjs-128-0-128.2.0-2.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libmozjs-128-0-128.2.0-2.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.ppc64le"
        },
        "product_reference": "libmozjs-128-0-128.2.0-2.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libmozjs-128-0-128.2.0-2.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.s390x"
        },
        "product_reference": "libmozjs-128-0-128.2.0-2.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libmozjs-128-0-128.2.0-2.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.x86_64"
        },
        "product_reference": "libmozjs-128-0-128.2.0-2.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mozjs128-128.2.0-2.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:mozjs128-128.2.0-2.1.aarch64"
        },
        "product_reference": "mozjs128-128.2.0-2.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mozjs128-128.2.0-2.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:mozjs128-128.2.0-2.1.ppc64le"
        },
        "product_reference": "mozjs128-128.2.0-2.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mozjs128-128.2.0-2.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:mozjs128-128.2.0-2.1.s390x"
        },
        "product_reference": "mozjs128-128.2.0-2.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mozjs128-128.2.0-2.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:mozjs128-128.2.0-2.1.x86_64"
        },
        "product_reference": "mozjs128-128.2.0-2.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mozjs128-devel-128.2.0-2.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.aarch64"
        },
        "product_reference": "mozjs128-devel-128.2.0-2.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mozjs128-devel-128.2.0-2.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.ppc64le"
        },
        "product_reference": "mozjs128-devel-128.2.0-2.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mozjs128-devel-128.2.0-2.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.s390x"
        },
        "product_reference": "mozjs128-devel-128.2.0-2.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mozjs128-devel-128.2.0-2.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.x86_64"
        },
        "product_reference": "mozjs128-devel-128.2.0-2.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-45490",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-45490"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.aarch64",
          "openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.ppc64le",
          "openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.s390x",
          "openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.x86_64",
          "openSUSE Tumbleweed:mozjs128-128.2.0-2.1.aarch64",
          "openSUSE Tumbleweed:mozjs128-128.2.0-2.1.ppc64le",
          "openSUSE Tumbleweed:mozjs128-128.2.0-2.1.s390x",
          "openSUSE Tumbleweed:mozjs128-128.2.0-2.1.x86_64",
          "openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.aarch64",
          "openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.ppc64le",
          "openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.s390x",
          "openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-45490",
          "url": "https://www.suse.com/security/cve/CVE-2024-45490"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229930 for CVE-2024-45490",
          "url": "https://bugzilla.suse.com/1229930"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229962 for CVE-2024-45490",
          "url": "https://bugzilla.suse.com/1229962"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.aarch64",
            "openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.ppc64le",
            "openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.s390x",
            "openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.x86_64",
            "openSUSE Tumbleweed:mozjs128-128.2.0-2.1.aarch64",
            "openSUSE Tumbleweed:mozjs128-128.2.0-2.1.ppc64le",
            "openSUSE Tumbleweed:mozjs128-128.2.0-2.1.s390x",
            "openSUSE Tumbleweed:mozjs128-128.2.0-2.1.x86_64",
            "openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.aarch64",
            "openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.ppc64le",
            "openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.s390x",
            "openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.aarch64",
            "openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.ppc64le",
            "openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.s390x",
            "openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.x86_64",
            "openSUSE Tumbleweed:mozjs128-128.2.0-2.1.aarch64",
            "openSUSE Tumbleweed:mozjs128-128.2.0-2.1.ppc64le",
            "openSUSE Tumbleweed:mozjs128-128.2.0-2.1.s390x",
            "openSUSE Tumbleweed:mozjs128-128.2.0-2.1.x86_64",
            "openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.aarch64",
            "openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.ppc64le",
            "openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.s390x",
            "openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-10-02T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-45490"
    },
    {
      "cve": "CVE-2024-45491",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-45491"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.aarch64",
          "openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.ppc64le",
          "openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.s390x",
          "openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.x86_64",
          "openSUSE Tumbleweed:mozjs128-128.2.0-2.1.aarch64",
          "openSUSE Tumbleweed:mozjs128-128.2.0-2.1.ppc64le",
          "openSUSE Tumbleweed:mozjs128-128.2.0-2.1.s390x",
          "openSUSE Tumbleweed:mozjs128-128.2.0-2.1.x86_64",
          "openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.aarch64",
          "openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.ppc64le",
          "openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.s390x",
          "openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-45491",
          "url": "https://www.suse.com/security/cve/CVE-2024-45491"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229930 for CVE-2024-45491",
          "url": "https://bugzilla.suse.com/1229930"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229931 for CVE-2024-45491",
          "url": "https://bugzilla.suse.com/1229931"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.aarch64",
            "openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.ppc64le",
            "openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.s390x",
            "openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.x86_64",
            "openSUSE Tumbleweed:mozjs128-128.2.0-2.1.aarch64",
            "openSUSE Tumbleweed:mozjs128-128.2.0-2.1.ppc64le",
            "openSUSE Tumbleweed:mozjs128-128.2.0-2.1.s390x",
            "openSUSE Tumbleweed:mozjs128-128.2.0-2.1.x86_64",
            "openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.aarch64",
            "openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.ppc64le",
            "openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.s390x",
            "openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.aarch64",
            "openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.ppc64le",
            "openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.s390x",
            "openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.x86_64",
            "openSUSE Tumbleweed:mozjs128-128.2.0-2.1.aarch64",
            "openSUSE Tumbleweed:mozjs128-128.2.0-2.1.ppc64le",
            "openSUSE Tumbleweed:mozjs128-128.2.0-2.1.s390x",
            "openSUSE Tumbleweed:mozjs128-128.2.0-2.1.x86_64",
            "openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.aarch64",
            "openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.ppc64le",
            "openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.s390x",
            "openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-10-02T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-45491"
    },
    {
      "cve": "CVE-2024-45492",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-45492"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.aarch64",
          "openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.ppc64le",
          "openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.s390x",
          "openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.x86_64",
          "openSUSE Tumbleweed:mozjs128-128.2.0-2.1.aarch64",
          "openSUSE Tumbleweed:mozjs128-128.2.0-2.1.ppc64le",
          "openSUSE Tumbleweed:mozjs128-128.2.0-2.1.s390x",
          "openSUSE Tumbleweed:mozjs128-128.2.0-2.1.x86_64",
          "openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.aarch64",
          "openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.ppc64le",
          "openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.s390x",
          "openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-45492",
          "url": "https://www.suse.com/security/cve/CVE-2024-45492"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229930 for CVE-2024-45492",
          "url": "https://bugzilla.suse.com/1229930"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229932 for CVE-2024-45492",
          "url": "https://bugzilla.suse.com/1229932"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229964 for CVE-2024-45492",
          "url": "https://bugzilla.suse.com/1229964"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.aarch64",
            "openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.ppc64le",
            "openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.s390x",
            "openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.x86_64",
            "openSUSE Tumbleweed:mozjs128-128.2.0-2.1.aarch64",
            "openSUSE Tumbleweed:mozjs128-128.2.0-2.1.ppc64le",
            "openSUSE Tumbleweed:mozjs128-128.2.0-2.1.s390x",
            "openSUSE Tumbleweed:mozjs128-128.2.0-2.1.x86_64",
            "openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.aarch64",
            "openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.ppc64le",
            "openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.s390x",
            "openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.aarch64",
            "openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.ppc64le",
            "openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.s390x",
            "openSUSE Tumbleweed:libmozjs-128-0-128.2.0-2.1.x86_64",
            "openSUSE Tumbleweed:mozjs128-128.2.0-2.1.aarch64",
            "openSUSE Tumbleweed:mozjs128-128.2.0-2.1.ppc64le",
            "openSUSE Tumbleweed:mozjs128-128.2.0-2.1.s390x",
            "openSUSE Tumbleweed:mozjs128-128.2.0-2.1.x86_64",
            "openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.aarch64",
            "openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.ppc64le",
            "openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.s390x",
            "openSUSE Tumbleweed:mozjs128-devel-128.2.0-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-10-02T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-45492"
    }
  ]
}

OPENSUSE-SU-2024:14381-1

Vulnerability from csaf_opensuse - Published: 2024-10-02 00:00 - Updated: 2024-10-02 00:00

Summary

libmozjs-78-0-78.15.0-5.1 on GA media

Severity

Moderate

Notes

Title of the patch: libmozjs-78-0-78.15.0-5.1 on GA media

Description of the patch: These are all security issues fixed in the libmozjs-78-0-78.15.0-5.1 package on the GA media of openSUSE Tumbleweed.

Patchnames: openSUSE-Tumbleweed-2024-14381

CVE-2024-45490

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs78-78.15.0-5.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs78-78.15.0-5.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs78-78.15.0-5.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs78-78.15.0-5.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2024-45491

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs78-78.15.0-5.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs78-78.15.0-5.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs78-78.15.0-5.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs78-78.15.0-5.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2024-45492

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs78-78.15.0-5.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs78-78.15.0-5.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs78-78.15.0-5.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs78-78.15.0-5.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.x86_64	—	Vendor Fix

Threats

Impact moderate

References

17 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/o…	self
https://lists.opensuse.org/archives/list/security…	self
https://lists.opensuse.org/archives/list/security…	self
https://www.suse.com/security/cve/CVE-2024-45490/	self
https://www.suse.com/security/cve/CVE-2024-45491/	self
https://www.suse.com/security/cve/CVE-2024-45492/	self
https://www.suse.com/security/cve/CVE-2024-45490	external
https://bugzilla.suse.com/1229930	external
https://bugzilla.suse.com/1229962	external
https://www.suse.com/security/cve/CVE-2024-45491	external
https://bugzilla.suse.com/1229930	external
https://bugzilla.suse.com/1229931	external
https://www.suse.com/security/cve/CVE-2024-45492	external
https://bugzilla.suse.com/1229930	external
https://bugzilla.suse.com/1229932	external
https://bugzilla.suse.com/1229964	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "libmozjs-78-0-78.15.0-5.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the libmozjs-78-0-78.15.0-5.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-14381",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14381-1.json"
      },
      {
        "category": "self",
        "summary": "URL for openSUSE-SU-2024:14381-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WR4SNIPTL3MVBAVRYUOIK4QCPYAXEF3S/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for openSUSE-SU-2024:14381-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WR4SNIPTL3MVBAVRYUOIK4QCPYAXEF3S/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-45490 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-45490/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-45491 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-45491/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-45492 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-45492/"
      }
    ],
    "title": "libmozjs-78-0-78.15.0-5.1 on GA media",
    "tracking": {
      "current_release_date": "2024-10-02T00:00:00Z",
      "generator": {
        "date": "2024-10-02T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:14381-1",
      "initial_release_date": "2024-10-02T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-10-02T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libmozjs-78-0-78.15.0-5.1.aarch64",
                "product": {
                  "name": "libmozjs-78-0-78.15.0-5.1.aarch64",
                  "product_id": "libmozjs-78-0-78.15.0-5.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "mozjs78-78.15.0-5.1.aarch64",
                "product": {
                  "name": "mozjs78-78.15.0-5.1.aarch64",
                  "product_id": "mozjs78-78.15.0-5.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "mozjs78-devel-78.15.0-5.1.aarch64",
                "product": {
                  "name": "mozjs78-devel-78.15.0-5.1.aarch64",
                  "product_id": "mozjs78-devel-78.15.0-5.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libmozjs-78-0-78.15.0-5.1.ppc64le",
                "product": {
                  "name": "libmozjs-78-0-78.15.0-5.1.ppc64le",
                  "product_id": "libmozjs-78-0-78.15.0-5.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "mozjs78-78.15.0-5.1.ppc64le",
                "product": {
                  "name": "mozjs78-78.15.0-5.1.ppc64le",
                  "product_id": "mozjs78-78.15.0-5.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "mozjs78-devel-78.15.0-5.1.ppc64le",
                "product": {
                  "name": "mozjs78-devel-78.15.0-5.1.ppc64le",
                  "product_id": "mozjs78-devel-78.15.0-5.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libmozjs-78-0-78.15.0-5.1.s390x",
                "product": {
                  "name": "libmozjs-78-0-78.15.0-5.1.s390x",
                  "product_id": "libmozjs-78-0-78.15.0-5.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "mozjs78-78.15.0-5.1.s390x",
                "product": {
                  "name": "mozjs78-78.15.0-5.1.s390x",
                  "product_id": "mozjs78-78.15.0-5.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "mozjs78-devel-78.15.0-5.1.s390x",
                "product": {
                  "name": "mozjs78-devel-78.15.0-5.1.s390x",
                  "product_id": "mozjs78-devel-78.15.0-5.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libmozjs-78-0-78.15.0-5.1.x86_64",
                "product": {
                  "name": "libmozjs-78-0-78.15.0-5.1.x86_64",
                  "product_id": "libmozjs-78-0-78.15.0-5.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "mozjs78-78.15.0-5.1.x86_64",
                "product": {
                  "name": "mozjs78-78.15.0-5.1.x86_64",
                  "product_id": "mozjs78-78.15.0-5.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "mozjs78-devel-78.15.0-5.1.x86_64",
                "product": {
                  "name": "mozjs78-devel-78.15.0-5.1.x86_64",
                  "product_id": "mozjs78-devel-78.15.0-5.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libmozjs-78-0-78.15.0-5.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.aarch64"
        },
        "product_reference": "libmozjs-78-0-78.15.0-5.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libmozjs-78-0-78.15.0-5.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.ppc64le"
        },
        "product_reference": "libmozjs-78-0-78.15.0-5.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libmozjs-78-0-78.15.0-5.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.s390x"
        },
        "product_reference": "libmozjs-78-0-78.15.0-5.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libmozjs-78-0-78.15.0-5.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.x86_64"
        },
        "product_reference": "libmozjs-78-0-78.15.0-5.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mozjs78-78.15.0-5.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:mozjs78-78.15.0-5.1.aarch64"
        },
        "product_reference": "mozjs78-78.15.0-5.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mozjs78-78.15.0-5.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:mozjs78-78.15.0-5.1.ppc64le"
        },
        "product_reference": "mozjs78-78.15.0-5.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mozjs78-78.15.0-5.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:mozjs78-78.15.0-5.1.s390x"
        },
        "product_reference": "mozjs78-78.15.0-5.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mozjs78-78.15.0-5.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:mozjs78-78.15.0-5.1.x86_64"
        },
        "product_reference": "mozjs78-78.15.0-5.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mozjs78-devel-78.15.0-5.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.aarch64"
        },
        "product_reference": "mozjs78-devel-78.15.0-5.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mozjs78-devel-78.15.0-5.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.ppc64le"
        },
        "product_reference": "mozjs78-devel-78.15.0-5.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mozjs78-devel-78.15.0-5.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.s390x"
        },
        "product_reference": "mozjs78-devel-78.15.0-5.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mozjs78-devel-78.15.0-5.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.x86_64"
        },
        "product_reference": "mozjs78-devel-78.15.0-5.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-45490",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-45490"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.aarch64",
          "openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.ppc64le",
          "openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.s390x",
          "openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.x86_64",
          "openSUSE Tumbleweed:mozjs78-78.15.0-5.1.aarch64",
          "openSUSE Tumbleweed:mozjs78-78.15.0-5.1.ppc64le",
          "openSUSE Tumbleweed:mozjs78-78.15.0-5.1.s390x",
          "openSUSE Tumbleweed:mozjs78-78.15.0-5.1.x86_64",
          "openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.aarch64",
          "openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.ppc64le",
          "openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.s390x",
          "openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-45490",
          "url": "https://www.suse.com/security/cve/CVE-2024-45490"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229930 for CVE-2024-45490",
          "url": "https://bugzilla.suse.com/1229930"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229962 for CVE-2024-45490",
          "url": "https://bugzilla.suse.com/1229962"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.aarch64",
            "openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.ppc64le",
            "openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.s390x",
            "openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.x86_64",
            "openSUSE Tumbleweed:mozjs78-78.15.0-5.1.aarch64",
            "openSUSE Tumbleweed:mozjs78-78.15.0-5.1.ppc64le",
            "openSUSE Tumbleweed:mozjs78-78.15.0-5.1.s390x",
            "openSUSE Tumbleweed:mozjs78-78.15.0-5.1.x86_64",
            "openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.aarch64",
            "openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.ppc64le",
            "openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.s390x",
            "openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.aarch64",
            "openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.ppc64le",
            "openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.s390x",
            "openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.x86_64",
            "openSUSE Tumbleweed:mozjs78-78.15.0-5.1.aarch64",
            "openSUSE Tumbleweed:mozjs78-78.15.0-5.1.ppc64le",
            "openSUSE Tumbleweed:mozjs78-78.15.0-5.1.s390x",
            "openSUSE Tumbleweed:mozjs78-78.15.0-5.1.x86_64",
            "openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.aarch64",
            "openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.ppc64le",
            "openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.s390x",
            "openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-10-02T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-45490"
    },
    {
      "cve": "CVE-2024-45491",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-45491"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.aarch64",
          "openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.ppc64le",
          "openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.s390x",
          "openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.x86_64",
          "openSUSE Tumbleweed:mozjs78-78.15.0-5.1.aarch64",
          "openSUSE Tumbleweed:mozjs78-78.15.0-5.1.ppc64le",
          "openSUSE Tumbleweed:mozjs78-78.15.0-5.1.s390x",
          "openSUSE Tumbleweed:mozjs78-78.15.0-5.1.x86_64",
          "openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.aarch64",
          "openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.ppc64le",
          "openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.s390x",
          "openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-45491",
          "url": "https://www.suse.com/security/cve/CVE-2024-45491"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229930 for CVE-2024-45491",
          "url": "https://bugzilla.suse.com/1229930"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229931 for CVE-2024-45491",
          "url": "https://bugzilla.suse.com/1229931"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.aarch64",
            "openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.ppc64le",
            "openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.s390x",
            "openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.x86_64",
            "openSUSE Tumbleweed:mozjs78-78.15.0-5.1.aarch64",
            "openSUSE Tumbleweed:mozjs78-78.15.0-5.1.ppc64le",
            "openSUSE Tumbleweed:mozjs78-78.15.0-5.1.s390x",
            "openSUSE Tumbleweed:mozjs78-78.15.0-5.1.x86_64",
            "openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.aarch64",
            "openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.ppc64le",
            "openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.s390x",
            "openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.aarch64",
            "openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.ppc64le",
            "openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.s390x",
            "openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.x86_64",
            "openSUSE Tumbleweed:mozjs78-78.15.0-5.1.aarch64",
            "openSUSE Tumbleweed:mozjs78-78.15.0-5.1.ppc64le",
            "openSUSE Tumbleweed:mozjs78-78.15.0-5.1.s390x",
            "openSUSE Tumbleweed:mozjs78-78.15.0-5.1.x86_64",
            "openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.aarch64",
            "openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.ppc64le",
            "openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.s390x",
            "openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-10-02T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-45491"
    },
    {
      "cve": "CVE-2024-45492",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-45492"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.aarch64",
          "openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.ppc64le",
          "openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.s390x",
          "openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.x86_64",
          "openSUSE Tumbleweed:mozjs78-78.15.0-5.1.aarch64",
          "openSUSE Tumbleweed:mozjs78-78.15.0-5.1.ppc64le",
          "openSUSE Tumbleweed:mozjs78-78.15.0-5.1.s390x",
          "openSUSE Tumbleweed:mozjs78-78.15.0-5.1.x86_64",
          "openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.aarch64",
          "openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.ppc64le",
          "openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.s390x",
          "openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-45492",
          "url": "https://www.suse.com/security/cve/CVE-2024-45492"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229930 for CVE-2024-45492",
          "url": "https://bugzilla.suse.com/1229930"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229932 for CVE-2024-45492",
          "url": "https://bugzilla.suse.com/1229932"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229964 for CVE-2024-45492",
          "url": "https://bugzilla.suse.com/1229964"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.aarch64",
            "openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.ppc64le",
            "openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.s390x",
            "openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.x86_64",
            "openSUSE Tumbleweed:mozjs78-78.15.0-5.1.aarch64",
            "openSUSE Tumbleweed:mozjs78-78.15.0-5.1.ppc64le",
            "openSUSE Tumbleweed:mozjs78-78.15.0-5.1.s390x",
            "openSUSE Tumbleweed:mozjs78-78.15.0-5.1.x86_64",
            "openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.aarch64",
            "openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.ppc64le",
            "openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.s390x",
            "openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.aarch64",
            "openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.ppc64le",
            "openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.s390x",
            "openSUSE Tumbleweed:libmozjs-78-0-78.15.0-5.1.x86_64",
            "openSUSE Tumbleweed:mozjs78-78.15.0-5.1.aarch64",
            "openSUSE Tumbleweed:mozjs78-78.15.0-5.1.ppc64le",
            "openSUSE Tumbleweed:mozjs78-78.15.0-5.1.s390x",
            "openSUSE Tumbleweed:mozjs78-78.15.0-5.1.x86_64",
            "openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.aarch64",
            "openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.ppc64le",
            "openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.s390x",
            "openSUSE Tumbleweed:mozjs78-devel-78.15.0-5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-10-02T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-45492"
    }
  ]
}

RHSA-2024:10135

Vulnerability from csaf_redhat - Published: 2024-11-21 09:03 - Updated: 2026-06-02 17:45

Summary

Red Hat Security Advisory: Updated service-interconnect rhel9 container images for 1.4 LTS

Severity

Low

Notes

Topic: Updated service-interconnect container images are now available for Service Interconnect 1.4 LTS for RHEL 9.

Details: Users of service-interconnect 1.4 LTS rhel9 container images are advised to upgrade to these updated images, which contain backported patches to correct security issues and fix bugs. Users of these images are also encouraged to rebuild all container images that depend on these images. You can find images updated by this advisory the in Red Hat Container Catalog

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2024-2398

A flaw was found in curl. When an application configures libcurl to use HTTP/2 server push and the amount of received headers for the push surpasses the maximum allowed limit, libcurl aborts the server push. When aborting, libcurl does not free all the previously allocated headers, resulting in a memory leak.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-772 - Missing Release of Resource after Effective Lifetime

Affected products

Fixed 6 products

Product	Version	Remediation
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2024-6119

A flaw was found in OpenSSL. Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address resulting in abnormal termination of the application process.

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')

Affected products

Fixed 6 products

Product	Version	Remediation
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2024-6345

A flaw was found in the package_index module of pypa/setuptools. Affected versions of this package allow remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code injection. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system.

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-94 - Improper Control of Generation of Code ('Code Injection')

Affected products

Fixed 6 products

Product	Version	Remediation
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64	—	Vendor Fix fix Workaround

Threats

Impact Important

CVE-2024-6923

A vulnerability was found in the email module that uses Python language. The email module doesn't properly quote new lines in email headers. This flaw allows an attacker to inject email headers that could, among other possibilities, add hidden email destinations or inject content into the email, impacting data confidentiality and integrity.

6.8 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

Affected products

Fixed 6 products

Product	Version	Remediation
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2024-34397

A flaw was found in GNOME GLib. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based client will wrongly interpret as having been sent by the trusted system service. This issue could lead to the GDBus-based client behaving incorrectly with an application-dependent impact.

3.8 (Low)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N

CWE-940 - Improper Verification of Source of a Communication Channel

Affected products

Fixed 6 products

Product	Version	Remediation
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2024-37370

A vulnerability was found in the MIT Kerberos 5 GSS krb5 wrap token, where an attacker can modify the plaintext Extra Count field, causing the unwrapped token to appear truncated to the application, occurs when the attacker alters the token data during transmission which can lead to improper handling of authentication tokens.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected products

Fixed 6 products

Product	Version	Remediation
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2024-37371

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Fixed 6 products

Product	Version	Remediation
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2024-45490

A flaw was found in libexpat's xmlparse.c component. This vulnerability allows an attacker to cause improper handling of XML data by providing a negative length value to the XML_ParseBuffer function.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Fixed 6 products

Product	Version	Remediation
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2024-45491

An issue was found in libexpat’s internal dtdCopy function in xmlparse.c, It can have an integer overflow for nDefaultAtts on 32-bit platforms where UINT_MAX equals SIZE_MAX.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Fixed 6 products

Product	Version	Remediation
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2024-45492

A flaw was found in libexpat's internal nextScaffoldPart function in xmlparse.c. It can have an integer overflow for m_groupSize on 32-bit platforms where UINT_MAX equals SIZE_MAX.

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Fixed 6 products

Product	Version	Remediation
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64	—	Vendor Fix fix Workaround

Threats

Impact Moderate

References

63 references

URL	Category
https://access.redhat.com/errata/RHSA-2024:10135	self
https://access.redhat.com/security/updates/classi…	external
https://bugzilla.redhat.com/show_bug.cgi?id=2263240	external
https://bugzilla.redhat.com/show_bug.cgi?id=2321987	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2024-2398	self
https://bugzilla.redhat.com/show_bug.cgi?id=2270498	external
https://www.cve.org/CVERecord?id=CVE-2024-2398	external
https://nvd.nist.gov/vuln/detail/CVE-2024-2398	external
https://curl.se/docs/CVE-2024-2398.html	external
https://access.redhat.com/security/cve/CVE-2024-6119	self
https://bugzilla.redhat.com/show_bug.cgi?id=2306158	external
https://www.cve.org/CVERecord?id=CVE-2024-6119	external
https://nvd.nist.gov/vuln/detail/CVE-2024-6119	external
https://github.com/openssl/openssl/security/advis…	external
https://access.redhat.com/security/cve/CVE-2024-6345	self
https://bugzilla.redhat.com/show_bug.cgi?id=2297771	external
https://www.cve.org/CVERecord?id=CVE-2024-6345	external
https://nvd.nist.gov/vuln/detail/CVE-2024-6345	external
https://github.com/pypa/setuptools/commit/88807c7…	external
https://huntr.com/bounties/d6362117-ad57-4e83-951…	external
https://access.redhat.com/security/cve/CVE-2024-6923	self
https://bugzilla.redhat.com/show_bug.cgi?id=2302255	external
https://www.cve.org/CVERecord?id=CVE-2024-6923	external
https://nvd.nist.gov/vuln/detail/CVE-2024-6923	external
https://github.com/python/cpython/issues/121650	external
https://github.com/python/cpython/pull/122233	external
https://mail.python.org/archives/list/security-an…	external
https://access.redhat.com/security/cve/CVE-2024-34397	self
https://bugzilla.redhat.com/show_bug.cgi?id=2279632	external
https://www.cve.org/CVERecord?id=CVE-2024-34397	external
https://nvd.nist.gov/vuln/detail/CVE-2024-34397	external
https://gitlab.gnome.org/GNOME/glib/-/issues/3268	external
https://www.openwall.com/lists/oss-security/2024/…	external
https://access.redhat.com/security/cve/CVE-2024-37370	self
https://bugzilla.redhat.com/show_bug.cgi?id=2294677	external
https://www.cve.org/CVERecord?id=CVE-2024-37370	external
https://nvd.nist.gov/vuln/detail/CVE-2024-37370	external
https://web.mit.edu/kerberos/www/krb5-1.21/	external
https://access.redhat.com/security/cve/CVE-2024-37371	self
https://bugzilla.redhat.com/show_bug.cgi?id=2294676	external
https://www.cve.org/CVERecord?id=CVE-2024-37371	external
https://nvd.nist.gov/vuln/detail/CVE-2024-37371	external
https://www.oracle.com/security-alerts/cpujan2025…	external
https://access.redhat.com/security/cve/CVE-2024-45490	self
https://bugzilla.redhat.com/show_bug.cgi?id=2308615	external
https://www.cve.org/CVERecord?id=CVE-2024-45490	external
https://nvd.nist.gov/vuln/detail/CVE-2024-45490	external
https://github.com/libexpat/libexpat/blob/R_2_6_3…	external
https://github.com/libexpat/libexpat/issues/887	external
https://github.com/libexpat/libexpat/pull/890	external
https://access.redhat.com/security/cve/CVE-2024-45491	self
https://bugzilla.redhat.com/show_bug.cgi?id=2308616	external
https://www.cve.org/CVERecord?id=CVE-2024-45491	external
https://nvd.nist.gov/vuln/detail/CVE-2024-45491	external
https://github.com/libexpat/libexpat/issues/888	external
https://github.com/libexpat/libexpat/pull/891	external
https://access.redhat.com/security/cve/CVE-2024-45492	self
https://bugzilla.redhat.com/show_bug.cgi?id=2308617	external
https://www.cve.org/CVERecord?id=CVE-2024-45492	external
https://nvd.nist.gov/vuln/detail/CVE-2024-45492	external
https://github.com/libexpat/libexpat/issues/889	external
https://github.com/libexpat/libexpat/pull/892	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Low"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated service-interconnect container images are now available for Service Interconnect 1.4 LTS for RHEL 9.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Users of service-interconnect 1.4 LTS rhel9 container images are advised\nto upgrade to these updated images, which contain backported patches to correct security issues and fix bugs. \nUsers of these images are also encouraged to rebuild all container images that depend on these images.\nYou can find images updated by this advisory the in Red Hat Container Catalog",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:10135",
        "url": "https://access.redhat.com/errata/RHSA-2024:10135"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#low",
        "url": "https://access.redhat.com/security/updates/classification/#low"
      },
      {
        "category": "external",
        "summary": "2263240",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263240"
      },
      {
        "category": "external",
        "summary": "2321987",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2321987"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10135.json"
      }
    ],
    "title": "Red Hat Security Advisory: Updated service-interconnect rhel9 container images for 1.4 LTS",
    "tracking": {
      "current_release_date": "2026-06-02T17:45:12+00:00",
      "generator": {
        "date": "2026-06-02T17:45:12+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.1"
        }
      },
      "id": "RHSA-2024:10135",
      "initial_release_date": "2024-11-21T09:03:29+00:00",
      "revision_history": [
        {
          "date": "2024-11-21T09:03:29+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-11-21T09:03:29+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-02T17:45:12+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "9Base-Service-Interconnect-1.4",
                "product": {
                  "name": "9Base-Service-Interconnect-1.4",
                  "product_id": "9Base-Service-Interconnect-1.4",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:service_interconnect:1.4::el9"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Service Interconnect"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
                "product": {
                  "name": "service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
                  "product_id": "service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-config-sync-rhel9\u0026tag=1.4.7-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
                "product": {
                  "name": "service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
                  "product_id": "service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-flow-collector-rhel9\u0026tag=1.4.7-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
                "product": {
                  "name": "service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
                  "product_id": "service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-operator-bundle\u0026tag=1.4.7-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
                "product": {
                  "name": "service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
                  "product_id": "service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-router-rhel9\u0026tag=2.4.3-7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
                "product": {
                  "name": "service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
                  "product_id": "service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-service-controller-rhel9\u0026tag=1.4.7-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64",
                "product": {
                  "name": "service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64",
                  "product_id": "service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-site-controller-rhel9\u0026tag=1.4.7-3"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64 as a component of 9Base-Service-Interconnect-1.4",
          "product_id": "9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64"
        },
        "product_reference": "service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
        "relates_to_product_reference": "9Base-Service-Interconnect-1.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64 as a component of 9Base-Service-Interconnect-1.4",
          "product_id": "9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64"
        },
        "product_reference": "service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
        "relates_to_product_reference": "9Base-Service-Interconnect-1.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64 as a component of 9Base-Service-Interconnect-1.4",
          "product_id": "9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64"
        },
        "product_reference": "service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
        "relates_to_product_reference": "9Base-Service-Interconnect-1.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64 as a component of 9Base-Service-Interconnect-1.4",
          "product_id": "9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64"
        },
        "product_reference": "service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
        "relates_to_product_reference": "9Base-Service-Interconnect-1.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64 as a component of 9Base-Service-Interconnect-1.4",
          "product_id": "9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64"
        },
        "product_reference": "service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
        "relates_to_product_reference": "9Base-Service-Interconnect-1.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64 as a component of 9Base-Service-Interconnect-1.4",
          "product_id": "9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64"
        },
        "product_reference": "service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64",
        "relates_to_product_reference": "9Base-Service-Interconnect-1.4"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-2398",
      "cwe": {
        "id": "CWE-772",
        "name": "Missing Release of Resource after Effective Lifetime"
      },
      "discovery_date": "2024-03-20T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2270498"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in curl. When an application configures libcurl to use HTTP/2 server push and the amount of received headers for the push surpasses the maximum allowed limit, libcurl aborts the server push. When aborting, libcurl does not free all the previously allocated headers, resulting in a memory leak.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "curl: HTTP/2 push headers memory-leak",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-2398"
        },
        {
          "category": "external",
          "summary": "RHBZ#2270498",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270498"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-2398",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-2398",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2398"
        },
        {
          "category": "external",
          "summary": "https://curl.se/docs/CVE-2024-2398.html",
          "url": "https://curl.se/docs/CVE-2024-2398.html"
        }
      ],
      "release_date": "2024-03-27T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-11-21T09:03:29+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:10135"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "curl: HTTP/2 push headers memory-leak"
    },
    {
      "cve": "CVE-2024-6119",
      "cwe": {
        "id": "CWE-843",
        "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
      },
      "discovery_date": "2024-08-20T17:50:04+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2306158"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address resulting in abnormal termination of the application process.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: Possible denial of service in X.509 name checks",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is classified as moderate severity rather than important because it primarily affects specific use cases involving certificate name checks against otherName subject alternative names, a scenario that is not commonly encountered. The issue only triggers a denial of service (DoS) by causing an abnormal application termination, without compromising the integrity, confidentiality, or availability of data at a broader scale. Additionally, TLS servers, which typically don\u0027t perform reference identity checks during client certificate validation, are largely unaffected. The impact is localized to certain TLS clients performing specific name comparisons, reducing the overall risk profile and justifying the moderate severity classification.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-6119"
        },
        {
          "category": "external",
          "summary": "RHBZ#2306158",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2306158"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-6119",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-6119",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6119"
        },
        {
          "category": "external",
          "summary": "https://github.com/openssl/openssl/security/advisories/GHSA-5qrj-vq78-58fj",
          "url": "https://github.com/openssl/openssl/security/advisories/GHSA-5qrj-vq78-58fj"
        }
      ],
      "release_date": "2024-09-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-11-21T09:03:29+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:10135"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "openssl: Possible denial of service in X.509 name checks"
    },
    {
      "cve": "CVE-2024-6345",
      "cwe": {
        "id": "CWE-94",
        "name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
      },
      "discovery_date": "2024-07-15T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2297771"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the package_index module of pypa/setuptools. Affected versions of this package allow remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code injection. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat OpenStack does not include setuptools. The ImcSdk component uses it only during compile time in our build systems, and we do not support recompiling SRPMs. As a result, Red Hat OpenStack is not affected by this flaw.\n\nPython 2.7.18 was marked End of Life on 04/20/2020. No patches for Python 2 would be made available.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-6345"
        },
        {
          "category": "external",
          "summary": "RHBZ#2297771",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297771"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-6345",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-6345",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6345"
        },
        {
          "category": "external",
          "summary": "https://github.com/pypa/setuptools/commit/88807c7062788254f654ea8c03427adc859321f0",
          "url": "https://github.com/pypa/setuptools/commit/88807c7062788254f654ea8c03427adc859321f0"
        },
        {
          "category": "external",
          "summary": "https://huntr.com/bounties/d6362117-ad57-4e83-951f-b8141c6e7ca5",
          "url": "https://huntr.com/bounties/d6362117-ad57-4e83-951f-b8141c6e7ca5"
        }
      ],
      "release_date": "2024-07-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-11-21T09:03:29+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:10135"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools"
    },
    {
      "cve": "CVE-2024-6923",
      "discovery_date": "2024-08-01T14:30:06+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2302255"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in the email module that uses Python language. The email module doesn\u0027t properly quote new lines in email headers. This flaw allows an attacker to inject email headers that could, among other possibilities, add hidden email destinations or inject content into the email, impacting data confidentiality and integrity.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "cpython: python: email module doesn\u0027t properly quotes newlines in email headers, allowing header injection",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Versions of python36:3.6/python36 as shipped with Red Hat Enterprise Linux 8 are marked as \u0027Not affected\u0027 as they just provide \"symlinks\" to the main python3 component, which provides the actual interpreter of the Python programming language.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-6923"
        },
        {
          "category": "external",
          "summary": "RHBZ#2302255",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302255"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-6923",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-6923",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6923"
        },
        {
          "category": "external",
          "summary": "https://github.com/python/cpython/issues/121650",
          "url": "https://github.com/python/cpython/issues/121650"
        },
        {
          "category": "external",
          "summary": "https://github.com/python/cpython/pull/122233",
          "url": "https://github.com/python/cpython/pull/122233"
        },
        {
          "category": "external",
          "summary": "https://mail.python.org/archives/list/security-announce@python.org/thread/QH3BUOE2DYQBWP7NAQ7UNHPPOELKISRW/",
          "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/QH3BUOE2DYQBWP7NAQ7UNHPPOELKISRW/"
        }
      ],
      "release_date": "2024-08-01T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-11-21T09:03:29+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:10135"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "cpython: python: email module doesn\u0027t properly quotes newlines in email headers, allowing header injection"
    },
    {
      "cve": "CVE-2024-34397",
      "cwe": {
        "id": "CWE-940",
        "name": "Improper Verification of Source of a Communication Channel"
      },
      "discovery_date": "2024-05-07T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2279632"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in GNOME GLib. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based client will wrongly interpret as having been sent by the trusted system service. This issue could lead to the GDBus-based client behaving incorrectly with an application-dependent impact.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "glib2: Signal subscription vulnerabilities",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-34397"
        },
        {
          "category": "external",
          "summary": "RHBZ#2279632",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279632"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-34397",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-34397"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34397",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34397"
        },
        {
          "category": "external",
          "summary": "https://gitlab.gnome.org/GNOME/glib/-/issues/3268",
          "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3268"
        },
        {
          "category": "external",
          "summary": "https://www.openwall.com/lists/oss-security/2024/05/07/5",
          "url": "https://www.openwall.com/lists/oss-security/2024/05/07/5"
        }
      ],
      "release_date": "2024-05-07T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-11-21T09:03:29+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:10135"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.8,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "glib2: Signal subscription vulnerabilities"
    },
    {
      "cve": "CVE-2024-37370",
      "discovery_date": "2024-06-28T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2294677"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in the MIT Kerberos 5 GSS krb5 wrap token, where an attacker can modify the plaintext Extra Count field, causing the unwrapped token to appear truncated to the application, occurs when the attacker alters the token data during transmission which can lead to improper handling of authentication tokens.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "krb5: GSS message token handling",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability has an ability to disrupt authentication process and attackers able to alter the token data durning the transmission which leads to disruption in service and an attacker can void the integrity by altering the token durning the transmission for authentication process. This has been rated as moderate by Redhat as the vulnerability cannot be exploited in a way that it leads to a loss of availability or integrity,when in transmission token count field can be changed making the token appear truncated.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-37370"
        },
        {
          "category": "external",
          "summary": "RHBZ#2294677",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294677"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-37370",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-37370"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-37370",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-37370"
        },
        {
          "category": "external",
          "summary": "https://web.mit.edu/kerberos/www/krb5-1.21/",
          "url": "https://web.mit.edu/kerberos/www/krb5-1.21/"
        }
      ],
      "release_date": "2024-06-27T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-11-21T09:03:29+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:10135"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "krb5: GSS message token handling"
    },
    {
      "cve": "CVE-2024-37371",
      "discovery_date": "2024-06-28T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2294676"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in the MIT Kerberos 5 GSS krb5 wrap token, where an attacker can modify the plaintext Extra Count field, causing the unwrapped token to appear truncated to the application, occurs when the attacker alters the token data during transmission which can lead to improper handling of authentication tokens.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "krb5: GSS message token handling",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue is classified as a moderate severity vulnerability because, while it allows an attacker to modify the plaintext \"Extra Count\" field of a GSS krb5 wrap token, the impact is primarily limited to token truncation at the application layer. This truncation can disrupt services but does not directly lead to a full compromise of confidentiality or integrity. The attack requires that the attacker already has access to a valid token transmission to modify, meaning it cannot be exploited remotely without first obtaining or intercepting a valid token.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-37371"
        },
        {
          "category": "external",
          "summary": "RHBZ#2294676",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294676"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-37371",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-37371"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-37371",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-37371"
        },
        {
          "category": "external",
          "summary": "https://web.mit.edu/kerberos/www/krb5-1.21/",
          "url": "https://web.mit.edu/kerberos/www/krb5-1.21/"
        },
        {
          "category": "external",
          "summary": "https://www.oracle.com/security-alerts/cpujan2025.html#AppendixMSQL",
          "url": "https://www.oracle.com/security-alerts/cpujan2025.html#AppendixMSQL"
        }
      ],
      "release_date": "2024-06-27T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-11-21T09:03:29+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:10135"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "krb5: GSS message token handling"
    },
    {
      "cve": "CVE-2024-45490",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "discovery_date": "2024-08-30T03:20:06.675968+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2308615"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in libexpat\u0027s xmlparse.c component. This vulnerability allows an attacker to cause improper handling of XML data by providing a negative length value to the XML_ParseBuffer function.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "libexpat: Negative Length Parsing Vulnerability in libexpat",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The CVE-2024-45490 vulnerability is rated as moderate severity because while it allows for memory corruption through improper argument handling in XML_ParseBuffer, the exploitability is limited. Specifically, it requires an unlikely scenario where the input passed to the function has a negative length (len \u003c 0), which would typically not occur in well-formed applications. Moreover, while the impact includes denial of service (DoS), the conditions necessary for arbitrary code execution are non-trivial, requiring specific exploitation of memory corruption. Since it primarily leads to application crashes without an easily accessible attack vector for remote code execution, the risk is lower compared to higher-severity vulnerabilities that offer more direct pathways to exploitation.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-45490"
        },
        {
          "category": "external",
          "summary": "RHBZ#2308615",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308615"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-45490",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-45490"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45490",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45490"
        },
        {
          "category": "external",
          "summary": "https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes",
          "url": "https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes"
        },
        {
          "category": "external",
          "summary": "https://github.com/libexpat/libexpat/issues/887",
          "url": "https://github.com/libexpat/libexpat/issues/887"
        },
        {
          "category": "external",
          "summary": "https://github.com/libexpat/libexpat/pull/890",
          "url": "https://github.com/libexpat/libexpat/pull/890"
        }
      ],
      "release_date": "2024-08-30T03:15:03.757000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-11-21T09:03:29+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:10135"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "libexpat: Negative Length Parsing Vulnerability in libexpat"
    },
    {
      "cve": "CVE-2024-45491",
      "discovery_date": "2024-08-30T03:20:09.474759+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2308616"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An issue was found in libexpat\u2019s internal dtdCopy function in xmlparse.c, It can have an integer overflow for nDefaultAtts on 32-bit platforms where UINT_MAX equals SIZE_MAX.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "libexpat: Integer Overflow or Wraparound",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is classified as Moderate severity rather than Important due to its reliance on specific conditions for exploitation. The integer overflow in dtdCopy affecting nDefaultAtts is limited to 32-bit platforms, reducing the attack surface as many modern systems operate on 64-bit architectures. Additionally, while the impact can lead to denial of service and potentially arbitrary code execution, the latter requires precise manipulation of the overflow condition, which may be non-trivial for attackers to achieve reliably. The constrained platform scope and the complexity of exploitation lower the overall severity, though it still poses a risk in environments where 32-bit systems are prevalent.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-45491"
        },
        {
          "category": "external",
          "summary": "RHBZ#2308616",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308616"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-45491",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-45491"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45491",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45491"
        },
        {
          "category": "external",
          "summary": "https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes",
          "url": "https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes"
        },
        {
          "category": "external",
          "summary": "https://github.com/libexpat/libexpat/issues/888",
          "url": "https://github.com/libexpat/libexpat/issues/888"
        },
        {
          "category": "external",
          "summary": "https://github.com/libexpat/libexpat/pull/891",
          "url": "https://github.com/libexpat/libexpat/pull/891"
        }
      ],
      "release_date": "2024-08-30T03:15:03.850000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-11-21T09:03:29+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:10135"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "libexpat: Integer Overflow or Wraparound"
    },
    {
      "cve": "CVE-2024-45492",
      "discovery_date": "2024-08-30T03:20:11.638476+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2308617"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in libexpat\u0027s internal nextScaffoldPart function in xmlparse.c. It can have an integer overflow for m_groupSize on 32-bit platforms where UINT_MAX equals SIZE_MAX.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "libexpat: integer overflow",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "CVE-2024-45492 is categorized as a Moderate severity issue rather than Important due to the specific conditions required for exploitation and the limited scope of impact. While an integer overflow in the nextScaffoldPart function on 32-bit platforms can potentially lead to denial of service (DoS) or, in rare cases, arbitrary code execution, the vulnerability is platform-specific, affecting only 32-bit architectures with particular handling of UINT_MAX and SIZE_MAX. Additionally, exploiting the overflow for arbitrary code execution would require precise manipulation of memory, making it a less likely attack vector. The primary risk of DoS, without guaranteed escalation to remote code execution, further justifies the moderate severity classification.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
          "9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-45492"
        },
        {
          "category": "external",
          "summary": "RHBZ#2308617",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308617"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-45492",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-45492"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45492",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45492"
        },
        {
          "category": "external",
          "summary": "https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes",
          "url": "https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes"
        },
        {
          "category": "external",
          "summary": "https://github.com/libexpat/libexpat/issues/889",
          "url": "https://github.com/libexpat/libexpat/issues/889"
        },
        {
          "category": "external",
          "summary": "https://github.com/libexpat/libexpat/pull/892",
          "url": "https://github.com/libexpat/libexpat/pull/892"
        }
      ],
      "release_date": "2024-08-30T03:15:03.930000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-11-21T09:03:29+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:10135"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8_amd64",
            "9Base-Service-Interconnect-1.4:service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "libexpat: integer overflow"
    }
  ]
}

RHSA-2024:11109

Vulnerability from csaf_redhat - Published: 2024-12-16 15:47 - Updated: 2026-06-02 17:45

Summary

Red Hat Security Advisory: Updated service-interconnect rhel9 container images for 1.5

Severity

Low

Notes

Topic: Updated service-interconnect container images are now available for Service Interconnect 1.5 for RHEL 9.

Details: Users of service-interconnect 1.5 rhel9 container images are advised to upgrade to these updated images, which contain backported patches to correct security issues and fix bugs. Users of these images are also encouraged to rebuild all container images that depend on these images. You can find images updated by this advisory the in Red Hat Container Catalog

CVE-2024-2398

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-772 - Missing Release of Resource after Effective Lifetime

Affected products

Fixed 30 products

Product	Version	Remediation
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2024-6119

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')

Affected products

Fixed 30 products

Product	Version	Remediation
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2024-6345

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-94 - Improper Control of Generation of Code ('Code Injection')

Affected products

Fixed 30 products

Product	Version	Remediation
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x	—	Vendor Fix fix Workaround

Threats

Impact Important

CVE-2024-6923

6.8 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

Affected products

Fixed 30 products

Product	Version	Remediation
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2024-34397

3.8 (Low)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N

CWE-940 - Improper Verification of Source of a Communication Channel

Affected products

Fixed 30 products

Product	Version	Remediation
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2024-37370

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected products

Fixed 30 products

Product	Version	Remediation
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2024-37371

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Fixed 30 products

Product	Version	Remediation
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2024-45490

A flaw was found in libexpat's xmlparse.c component. This vulnerability allows an attacker to cause improper handling of XML data by providing a negative length value to the XML_ParseBuffer function.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Fixed 30 products

Product	Version	Remediation
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2024-45491

An issue was found in libexpat’s internal dtdCopy function in xmlparse.c, It can have an integer overflow for nDefaultAtts on 32-bit platforms where UINT_MAX equals SIZE_MAX.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Fixed 30 products

Product	Version	Remediation
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2024-45492

A flaw was found in libexpat's internal nextScaffoldPart function in xmlparse.c. It can have an integer overflow for m_groupSize on 32-bit platforms where UINT_MAX equals SIZE_MAX.

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Fixed 30 products

Product	Version	Remediation
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x	—	Vendor Fix fix Workaround

Threats

Impact Moderate

References

63 references

URL	Category
https://access.redhat.com/errata/RHSA-2024:11109	self
https://access.redhat.com/security/updates/classi…	external
https://bugzilla.redhat.com/show_bug.cgi?id=2263240	external
https://bugzilla.redhat.com/show_bug.cgi?id=2321987	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2024-2398	self
https://bugzilla.redhat.com/show_bug.cgi?id=2270498	external
https://www.cve.org/CVERecord?id=CVE-2024-2398	external
https://nvd.nist.gov/vuln/detail/CVE-2024-2398	external
https://curl.se/docs/CVE-2024-2398.html	external
https://access.redhat.com/security/cve/CVE-2024-6119	self
https://bugzilla.redhat.com/show_bug.cgi?id=2306158	external
https://www.cve.org/CVERecord?id=CVE-2024-6119	external
https://nvd.nist.gov/vuln/detail/CVE-2024-6119	external
https://github.com/openssl/openssl/security/advis…	external
https://access.redhat.com/security/cve/CVE-2024-6345	self
https://bugzilla.redhat.com/show_bug.cgi?id=2297771	external
https://www.cve.org/CVERecord?id=CVE-2024-6345	external
https://nvd.nist.gov/vuln/detail/CVE-2024-6345	external
https://github.com/pypa/setuptools/commit/88807c7…	external
https://huntr.com/bounties/d6362117-ad57-4e83-951…	external
https://access.redhat.com/security/cve/CVE-2024-6923	self
https://bugzilla.redhat.com/show_bug.cgi?id=2302255	external
https://www.cve.org/CVERecord?id=CVE-2024-6923	external
https://nvd.nist.gov/vuln/detail/CVE-2024-6923	external
https://github.com/python/cpython/issues/121650	external
https://github.com/python/cpython/pull/122233	external
https://mail.python.org/archives/list/security-an…	external
https://access.redhat.com/security/cve/CVE-2024-34397	self
https://bugzilla.redhat.com/show_bug.cgi?id=2279632	external
https://www.cve.org/CVERecord?id=CVE-2024-34397	external
https://nvd.nist.gov/vuln/detail/CVE-2024-34397	external
https://gitlab.gnome.org/GNOME/glib/-/issues/3268	external
https://www.openwall.com/lists/oss-security/2024/…	external
https://access.redhat.com/security/cve/CVE-2024-37370	self
https://bugzilla.redhat.com/show_bug.cgi?id=2294677	external
https://www.cve.org/CVERecord?id=CVE-2024-37370	external
https://nvd.nist.gov/vuln/detail/CVE-2024-37370	external
https://web.mit.edu/kerberos/www/krb5-1.21/	external
https://access.redhat.com/security/cve/CVE-2024-37371	self
https://bugzilla.redhat.com/show_bug.cgi?id=2294676	external
https://www.cve.org/CVERecord?id=CVE-2024-37371	external
https://nvd.nist.gov/vuln/detail/CVE-2024-37371	external
https://www.oracle.com/security-alerts/cpujan2025…	external
https://access.redhat.com/security/cve/CVE-2024-45490	self
https://bugzilla.redhat.com/show_bug.cgi?id=2308615	external
https://www.cve.org/CVERecord?id=CVE-2024-45490	external
https://nvd.nist.gov/vuln/detail/CVE-2024-45490	external
https://github.com/libexpat/libexpat/blob/R_2_6_3…	external
https://github.com/libexpat/libexpat/issues/887	external
https://github.com/libexpat/libexpat/pull/890	external
https://access.redhat.com/security/cve/CVE-2024-45491	self
https://bugzilla.redhat.com/show_bug.cgi?id=2308616	external
https://www.cve.org/CVERecord?id=CVE-2024-45491	external
https://nvd.nist.gov/vuln/detail/CVE-2024-45491	external
https://github.com/libexpat/libexpat/issues/888	external
https://github.com/libexpat/libexpat/pull/891	external
https://access.redhat.com/security/cve/CVE-2024-45492	self
https://bugzilla.redhat.com/show_bug.cgi?id=2308617	external
https://www.cve.org/CVERecord?id=CVE-2024-45492	external
https://nvd.nist.gov/vuln/detail/CVE-2024-45492	external
https://github.com/libexpat/libexpat/issues/889	external
https://github.com/libexpat/libexpat/pull/892	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Low"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated service-interconnect container images are now available for Service Interconnect 1.5 for RHEL 9.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Users of service-interconnect 1.5 rhel9 container images are advised\nto upgrade to these updated images, which contain backported patches to correct security issues and fix bugs. \nUsers of these images are also encouraged to rebuild all container images that depend on these images.\nYou can find images updated by this advisory the in Red Hat Container Catalog",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:11109",
        "url": "https://access.redhat.com/errata/RHSA-2024:11109"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#low",
        "url": "https://access.redhat.com/security/updates/classification/#low"
      },
      {
        "category": "external",
        "summary": "2263240",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263240"
      },
      {
        "category": "external",
        "summary": "2321987",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2321987"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_11109.json"
      }
    ],
    "title": "Red Hat Security Advisory: Updated service-interconnect rhel9 container images for 1.5",
    "tracking": {
      "current_release_date": "2026-06-02T17:45:17+00:00",
      "generator": {
        "date": "2026-06-02T17:45:17+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.1"
        }
      },
      "id": "RHSA-2024:11109",
      "initial_release_date": "2024-12-16T15:47:02+00:00",
      "revision_history": [
        {
          "date": "2024-12-16T15:47:02+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-12-16T15:47:02+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-02T17:45:17+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Service Interconnect 1",
                "product": {
                  "name": "Red Hat Service Interconnect 1",
                  "product_id": "9Base-Service-Interconnect-1",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:service_interconnect:1::el9"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Service Interconnect"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
                "product": {
                  "name": "service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
                  "product_id": "service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010?arch=s390x\u0026repository_url=registry.redhat.io/service-interconnect/skupper-config-sync-rhel9\u0026tag=1.5.5-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
                "product": {
                  "name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
                  "product_id": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b?arch=s390x\u0026repository_url=registry.redhat.io/service-interconnect/skupper-controller-podman-container-rhel9\u0026tag=1.5.5-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
                "product": {
                  "name": "service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
                  "product_id": "service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b?arch=s390x\u0026repository_url=registry.redhat.io/service-interconnect/skupper-controller-podman-rhel9\u0026tag=1.5.5-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
                "product": {
                  "name": "service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
                  "product_id": "service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa?arch=s390x\u0026repository_url=registry.redhat.io/service-interconnect/skupper-flow-collector-rhel9\u0026tag=1.5.5-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
                "product": {
                  "name": "service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
                  "product_id": "service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6?arch=s390x\u0026repository_url=registry.redhat.io/service-interconnect/skupper-router-rhel9\u0026tag=2.5.3-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
                "product": {
                  "name": "service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
                  "product_id": "service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4?arch=s390x\u0026repository_url=registry.redhat.io/service-interconnect/skupper-service-controller-rhel9\u0026tag=1.5.5-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x",
                "product": {
                  "name": "service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x",
                  "product_id": "service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c?arch=s390x\u0026repository_url=registry.redhat.io/service-interconnect/skupper-site-controller-rhel9\u0026tag=1.5.5-4"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
                "product": {
                  "name": "service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
                  "product_id": "service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09?arch=arm64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-config-sync-rhel9\u0026tag=1.5.5-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
                "product": {
                  "name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
                  "product_id": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45?arch=arm64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-controller-podman-container-rhel9\u0026tag=1.5.5-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
                "product": {
                  "name": "service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
                  "product_id": "service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45?arch=arm64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-controller-podman-rhel9\u0026tag=1.5.5-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
                "product": {
                  "name": "service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
                  "product_id": "service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154?arch=arm64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-flow-collector-rhel9\u0026tag=1.5.5-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
                "product": {
                  "name": "service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
                  "product_id": "service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9?arch=arm64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-operator-bundle\u0026tag=1.5.5-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
                "product": {
                  "name": "service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
                  "product_id": "service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f?arch=arm64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-router-rhel9\u0026tag=2.5.3-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
                "product": {
                  "name": "service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
                  "product_id": "service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492?arch=arm64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-service-controller-rhel9\u0026tag=1.5.5-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
                "product": {
                  "name": "service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
                  "product_id": "service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82?arch=arm64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-site-controller-rhel9\u0026tag=1.5.5-4"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "arm64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
                "product": {
                  "name": "service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
                  "product_id": "service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-config-sync-rhel9\u0026tag=1.5.5-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
                "product": {
                  "name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
                  "product_id": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-controller-podman-container-rhel9\u0026tag=1.5.5-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
                "product": {
                  "name": "service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
                  "product_id": "service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-controller-podman-rhel9\u0026tag=1.5.5-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
                "product": {
                  "name": "service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
                  "product_id": "service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-flow-collector-rhel9\u0026tag=1.5.5-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
                "product": {
                  "name": "service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
                  "product_id": "service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-operator-bundle\u0026tag=1.5.5-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
                "product": {
                  "name": "service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
                  "product_id": "service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-router-rhel9\u0026tag=2.5.3-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
                "product": {
                  "name": "service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
                  "product_id": "service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-service-controller-rhel9\u0026tag=1.5.5-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
                "product": {
                  "name": "service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
                  "product_id": "service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-site-controller-rhel9\u0026tag=1.5.5-4"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
                "product": {
                  "name": "service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
                  "product_id": "service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782?arch=ppc64le\u0026repository_url=registry.redhat.io/service-interconnect/skupper-config-sync-rhel9\u0026tag=1.5.5-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
                "product": {
                  "name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
                  "product_id": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454?arch=ppc64le\u0026repository_url=registry.redhat.io/service-interconnect/skupper-controller-podman-container-rhel9\u0026tag=1.5.5-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
                "product": {
                  "name": "service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
                  "product_id": "service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454?arch=ppc64le\u0026repository_url=registry.redhat.io/service-interconnect/skupper-controller-podman-rhel9\u0026tag=1.5.5-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
                "product": {
                  "name": "service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
                  "product_id": "service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee?arch=ppc64le\u0026repository_url=registry.redhat.io/service-interconnect/skupper-flow-collector-rhel9\u0026tag=1.5.5-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
                "product": {
                  "name": "service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
                  "product_id": "service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9?arch=ppc64le\u0026repository_url=registry.redhat.io/service-interconnect/skupper-router-rhel9\u0026tag=2.5.3-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
                "product": {
                  "name": "service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
                  "product_id": "service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5?arch=ppc64le\u0026repository_url=registry.redhat.io/service-interconnect/skupper-service-controller-rhel9\u0026tag=1.5.5-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
                "product": {
                  "name": "service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
                  "product_id": "service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf?arch=ppc64le\u0026repository_url=registry.redhat.io/service-interconnect/skupper-site-controller-rhel9\u0026tag=1.5.5-4"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64 as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64"
        },
        "product_reference": "service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le"
        },
        "product_reference": "service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x"
        },
        "product_reference": "service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64 as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64"
        },
        "product_reference": "service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64 as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64"
        },
        "product_reference": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x"
        },
        "product_reference": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le"
        },
        "product_reference": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64 as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64"
        },
        "product_reference": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64 as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64"
        },
        "product_reference": "service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x"
        },
        "product_reference": "service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le"
        },
        "product_reference": "service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64 as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64"
        },
        "product_reference": "service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64 as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64"
        },
        "product_reference": "service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64 as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64"
        },
        "product_reference": "service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le"
        },
        "product_reference": "service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x"
        },
        "product_reference": "service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64 as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64"
        },
        "product_reference": "service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64 as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64"
        },
        "product_reference": "service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x"
        },
        "product_reference": "service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64 as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64"
        },
        "product_reference": "service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le"
        },
        "product_reference": "service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64 as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64"
        },
        "product_reference": "service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64 as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64"
        },
        "product_reference": "service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64 as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64"
        },
        "product_reference": "service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le"
        },
        "product_reference": "service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x"
        },
        "product_reference": "service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le"
        },
        "product_reference": "service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64 as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64"
        },
        "product_reference": "service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64 as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64"
        },
        "product_reference": "service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
        },
        "product_reference": "service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-2398",
      "cwe": {
        "id": "CWE-772",
        "name": "Missing Release of Resource after Effective Lifetime"
      },
      "discovery_date": "2024-03-20T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2270498"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in curl. When an application configures libcurl to use HTTP/2 server push and the amount of received headers for the push surpasses the maximum allowed limit, libcurl aborts the server push. When aborting, libcurl does not free all the previously allocated headers, resulting in a memory leak.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "curl: HTTP/2 push headers memory-leak",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-2398"
        },
        {
          "category": "external",
          "summary": "RHBZ#2270498",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270498"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-2398",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-2398",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2398"
        },
        {
          "category": "external",
          "summary": "https://curl.se/docs/CVE-2024-2398.html",
          "url": "https://curl.se/docs/CVE-2024-2398.html"
        }
      ],
      "release_date": "2024-03-27T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-12-16T15:47:02+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:11109"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "curl: HTTP/2 push headers memory-leak"
    },
    {
      "cve": "CVE-2024-6119",
      "cwe": {
        "id": "CWE-843",
        "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
      },
      "discovery_date": "2024-08-20T17:50:04+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2306158"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL. Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address resulting in abnormal termination of the application process.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: Possible denial of service in X.509 name checks",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is classified as moderate severity rather than important because it primarily affects specific use cases involving certificate name checks against otherName subject alternative names, a scenario that is not commonly encountered. The issue only triggers a denial of service (DoS) by causing an abnormal application termination, without compromising the integrity, confidentiality, or availability of data at a broader scale. Additionally, TLS servers, which typically don\u0027t perform reference identity checks during client certificate validation, are largely unaffected. The impact is localized to certain TLS clients performing specific name comparisons, reducing the overall risk profile and justifying the moderate severity classification.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-6119"
        },
        {
          "category": "external",
          "summary": "RHBZ#2306158",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2306158"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-6119",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-6119",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6119"
        },
        {
          "category": "external",
          "summary": "https://github.com/openssl/openssl/security/advisories/GHSA-5qrj-vq78-58fj",
          "url": "https://github.com/openssl/openssl/security/advisories/GHSA-5qrj-vq78-58fj"
        }
      ],
      "release_date": "2024-09-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-12-16T15:47:02+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:11109"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "openssl: Possible denial of service in X.509 name checks"
    },
    {
      "cve": "CVE-2024-6345",
      "cwe": {
        "id": "CWE-94",
        "name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
      },
      "discovery_date": "2024-07-15T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2297771"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the package_index module of pypa/setuptools. Affected versions of this package allow remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code injection. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat OpenStack does not include setuptools. The ImcSdk component uses it only during compile time in our build systems, and we do not support recompiling SRPMs. As a result, Red Hat OpenStack is not affected by this flaw.\n\nPython 2.7.18 was marked End of Life on 04/20/2020. No patches for Python 2 would be made available.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-6345"
        },
        {
          "category": "external",
          "summary": "RHBZ#2297771",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297771"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-6345",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-6345",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6345"
        },
        {
          "category": "external",
          "summary": "https://github.com/pypa/setuptools/commit/88807c7062788254f654ea8c03427adc859321f0",
          "url": "https://github.com/pypa/setuptools/commit/88807c7062788254f654ea8c03427adc859321f0"
        },
        {
          "category": "external",
          "summary": "https://huntr.com/bounties/d6362117-ad57-4e83-951f-b8141c6e7ca5",
          "url": "https://huntr.com/bounties/d6362117-ad57-4e83-951f-b8141c6e7ca5"
        }
      ],
      "release_date": "2024-07-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-12-16T15:47:02+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:11109"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools"
    },
    {
      "cve": "CVE-2024-6923",
      "discovery_date": "2024-08-01T14:30:06+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2302255"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in the email module that uses Python language. The email module doesn\u0027t properly quote new lines in email headers. This flaw allows an attacker to inject email headers that could, among other possibilities, add hidden email destinations or inject content into the email, impacting data confidentiality and integrity.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "cpython: python: email module doesn\u0027t properly quotes newlines in email headers, allowing header injection",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Versions of python36:3.6/python36 as shipped with Red Hat Enterprise Linux 8 are marked as \u0027Not affected\u0027 as they just provide \"symlinks\" to the main python3 component, which provides the actual interpreter of the Python programming language.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-6923"
        },
        {
          "category": "external",
          "summary": "RHBZ#2302255",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302255"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-6923",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-6923",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6923"
        },
        {
          "category": "external",
          "summary": "https://github.com/python/cpython/issues/121650",
          "url": "https://github.com/python/cpython/issues/121650"
        },
        {
          "category": "external",
          "summary": "https://github.com/python/cpython/pull/122233",
          "url": "https://github.com/python/cpython/pull/122233"
        },
        {
          "category": "external",
          "summary": "https://mail.python.org/archives/list/security-announce@python.org/thread/QH3BUOE2DYQBWP7NAQ7UNHPPOELKISRW/",
          "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/QH3BUOE2DYQBWP7NAQ7UNHPPOELKISRW/"
        }
      ],
      "release_date": "2024-08-01T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-12-16T15:47:02+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:11109"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "cpython: python: email module doesn\u0027t properly quotes newlines in email headers, allowing header injection"
    },
    {
      "cve": "CVE-2024-34397",
      "cwe": {
        "id": "CWE-940",
        "name": "Improper Verification of Source of a Communication Channel"
      },
      "discovery_date": "2024-05-07T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2279632"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in GNOME GLib. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based client will wrongly interpret as having been sent by the trusted system service. This issue could lead to the GDBus-based client behaving incorrectly with an application-dependent impact.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "glib2: Signal subscription vulnerabilities",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-34397"
        },
        {
          "category": "external",
          "summary": "RHBZ#2279632",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279632"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-34397",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-34397"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34397",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34397"
        },
        {
          "category": "external",
          "summary": "https://gitlab.gnome.org/GNOME/glib/-/issues/3268",
          "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3268"
        },
        {
          "category": "external",
          "summary": "https://www.openwall.com/lists/oss-security/2024/05/07/5",
          "url": "https://www.openwall.com/lists/oss-security/2024/05/07/5"
        }
      ],
      "release_date": "2024-05-07T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-12-16T15:47:02+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:11109"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.8,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "glib2: Signal subscription vulnerabilities"
    },
    {
      "cve": "CVE-2024-37370",
      "discovery_date": "2024-06-28T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2294677"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in the MIT Kerberos 5 GSS krb5 wrap token, where an attacker can modify the plaintext Extra Count field, causing the unwrapped token to appear truncated to the application, occurs when the attacker alters the token data during transmission which can lead to improper handling of authentication tokens.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "krb5: GSS message token handling",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability has an ability to disrupt authentication process and attackers able to alter the token data durning the transmission which leads to disruption in service and an attacker can void the integrity by altering the token durning the transmission for authentication process. This has been rated as moderate by Redhat as the vulnerability cannot be exploited in a way that it leads to a loss of availability or integrity,when in transmission token count field can be changed making the token appear truncated.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-37370"
        },
        {
          "category": "external",
          "summary": "RHBZ#2294677",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294677"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-37370",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-37370"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-37370",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-37370"
        },
        {
          "category": "external",
          "summary": "https://web.mit.edu/kerberos/www/krb5-1.21/",
          "url": "https://web.mit.edu/kerberos/www/krb5-1.21/"
        }
      ],
      "release_date": "2024-06-27T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-12-16T15:47:02+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:11109"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "krb5: GSS message token handling"
    },
    {
      "cve": "CVE-2024-37371",
      "discovery_date": "2024-06-28T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2294676"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in the MIT Kerberos 5 GSS krb5 wrap token, where an attacker can modify the plaintext Extra Count field, causing the unwrapped token to appear truncated to the application, occurs when the attacker alters the token data during transmission which can lead to improper handling of authentication tokens.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "krb5: GSS message token handling",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue is classified as a moderate severity vulnerability because, while it allows an attacker to modify the plaintext \"Extra Count\" field of a GSS krb5 wrap token, the impact is primarily limited to token truncation at the application layer. This truncation can disrupt services but does not directly lead to a full compromise of confidentiality or integrity. The attack requires that the attacker already has access to a valid token transmission to modify, meaning it cannot be exploited remotely without first obtaining or intercepting a valid token.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-37371"
        },
        {
          "category": "external",
          "summary": "RHBZ#2294676",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294676"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-37371",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-37371"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-37371",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-37371"
        },
        {
          "category": "external",
          "summary": "https://web.mit.edu/kerberos/www/krb5-1.21/",
          "url": "https://web.mit.edu/kerberos/www/krb5-1.21/"
        },
        {
          "category": "external",
          "summary": "https://www.oracle.com/security-alerts/cpujan2025.html#AppendixMSQL",
          "url": "https://www.oracle.com/security-alerts/cpujan2025.html#AppendixMSQL"
        }
      ],
      "release_date": "2024-06-27T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-12-16T15:47:02+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:11109"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "krb5: GSS message token handling"
    },
    {
      "cve": "CVE-2024-45490",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "discovery_date": "2024-08-30T03:20:06.675968+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2308615"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in libexpat\u0027s xmlparse.c component. This vulnerability allows an attacker to cause improper handling of XML data by providing a negative length value to the XML_ParseBuffer function.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "libexpat: Negative Length Parsing Vulnerability in libexpat",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The CVE-2024-45490 vulnerability is rated as moderate severity because while it allows for memory corruption through improper argument handling in XML_ParseBuffer, the exploitability is limited. Specifically, it requires an unlikely scenario where the input passed to the function has a negative length (len \u003c 0), which would typically not occur in well-formed applications. Moreover, while the impact includes denial of service (DoS), the conditions necessary for arbitrary code execution are non-trivial, requiring specific exploitation of memory corruption. Since it primarily leads to application crashes without an easily accessible attack vector for remote code execution, the risk is lower compared to higher-severity vulnerabilities that offer more direct pathways to exploitation.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-45490"
        },
        {
          "category": "external",
          "summary": "RHBZ#2308615",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308615"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-45490",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-45490"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45490",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45490"
        },
        {
          "category": "external",
          "summary": "https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes",
          "url": "https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes"
        },
        {
          "category": "external",
          "summary": "https://github.com/libexpat/libexpat/issues/887",
          "url": "https://github.com/libexpat/libexpat/issues/887"
        },
        {
          "category": "external",
          "summary": "https://github.com/libexpat/libexpat/pull/890",
          "url": "https://github.com/libexpat/libexpat/pull/890"
        }
      ],
      "release_date": "2024-08-30T03:15:03.757000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-12-16T15:47:02+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:11109"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "libexpat: Negative Length Parsing Vulnerability in libexpat"
    },
    {
      "cve": "CVE-2024-45491",
      "discovery_date": "2024-08-30T03:20:09.474759+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2308616"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An issue was found in libexpat\u2019s internal dtdCopy function in xmlparse.c, It can have an integer overflow for nDefaultAtts on 32-bit platforms where UINT_MAX equals SIZE_MAX.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "libexpat: Integer Overflow or Wraparound",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is classified as Moderate severity rather than Important due to its reliance on specific conditions for exploitation. The integer overflow in dtdCopy affecting nDefaultAtts is limited to 32-bit platforms, reducing the attack surface as many modern systems operate on 64-bit architectures. Additionally, while the impact can lead to denial of service and potentially arbitrary code execution, the latter requires precise manipulation of the overflow condition, which may be non-trivial for attackers to achieve reliably. The constrained platform scope and the complexity of exploitation lower the overall severity, though it still poses a risk in environments where 32-bit systems are prevalent.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-45491"
        },
        {
          "category": "external",
          "summary": "RHBZ#2308616",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308616"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-45491",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-45491"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45491",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45491"
        },
        {
          "category": "external",
          "summary": "https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes",
          "url": "https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes"
        },
        {
          "category": "external",
          "summary": "https://github.com/libexpat/libexpat/issues/888",
          "url": "https://github.com/libexpat/libexpat/issues/888"
        },
        {
          "category": "external",
          "summary": "https://github.com/libexpat/libexpat/pull/891",
          "url": "https://github.com/libexpat/libexpat/pull/891"
        }
      ],
      "release_date": "2024-08-30T03:15:03.850000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-12-16T15:47:02+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:11109"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "libexpat: Integer Overflow or Wraparound"
    },
    {
      "cve": "CVE-2024-45492",
      "discovery_date": "2024-08-30T03:20:11.638476+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2308617"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in libexpat\u0027s internal nextScaffoldPart function in xmlparse.c. It can have an integer overflow for m_groupSize on 32-bit platforms where UINT_MAX equals SIZE_MAX.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "libexpat: integer overflow",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "CVE-2024-45492 is categorized as a Moderate severity issue rather than Important due to the specific conditions required for exploitation and the limited scope of impact. While an integer overflow in the nextScaffoldPart function on 32-bit platforms can potentially lead to denial of service (DoS) or, in rare cases, arbitrary code execution, the vulnerability is platform-specific, affecting only 32-bit architectures with particular handling of UINT_MAX and SIZE_MAX. Additionally, exploiting the overflow for arbitrary code execution would require precise manipulation of memory, making it a less likely attack vector. The primary risk of DoS, without guaranteed escalation to remote code execution, further justifies the moderate severity classification.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-45492"
        },
        {
          "category": "external",
          "summary": "RHBZ#2308617",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308617"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-45492",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-45492"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45492",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45492"
        },
        {
          "category": "external",
          "summary": "https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes",
          "url": "https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes"
        },
        {
          "category": "external",
          "summary": "https://github.com/libexpat/libexpat/issues/889",
          "url": "https://github.com/libexpat/libexpat/issues/889"
        },
        {
          "category": "external",
          "summary": "https://github.com/libexpat/libexpat/pull/892",
          "url": "https://github.com/libexpat/libexpat/pull/892"
        }
      ],
      "release_date": "2024-08-30T03:15:03.930000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-12-16T15:47:02+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:11109"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "libexpat: integer overflow"
    }
  ]
}

RHSA-2024:6754

Vulnerability from csaf_redhat - Published: 2024-09-18 12:01 - Updated: 2026-06-02 15:17

Summary

Red Hat Security Advisory: expat security update

Severity

Moderate

Notes

Topic: An update for expat is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details: Expat is a C library for parsing XML documents. Security Fix(es): * libexpat: Negative Length Parsing Vulnerability in libexpat (CVE-2024-45490) * libexpat: Integer Overflow or Wraparound (CVE-2024-45491) * libexpat: integer overflow (CVE-2024-45492) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2024-45490

A flaw was found in libexpat's xmlparse.c component. This vulnerability allows an attacker to cause improper handling of XML data by providing a negative length value to the XML_ParseBuffer function.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Fixed 42 products

Product	Version	Remediation
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2024-45491

An issue was found in libexpat’s internal dtdCopy function in xmlparse.c, It can have an integer overflow for nDefaultAtts on 32-bit platforms where UINT_MAX equals SIZE_MAX.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Fixed 42 products

Product	Version	Remediation
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2024-45492

A flaw was found in libexpat's internal nextScaffoldPart function in xmlparse.c. It can have an integer overflow for m_groupSize on 32-bit platforms where UINT_MAX equals SIZE_MAX.

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Fixed 42 products

Product	Version	Remediation
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.i686	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Moderate

References

25 references

URL	Category
https://access.redhat.com/errata/RHSA-2024:6754	self
https://access.redhat.com/security/updates/classi…	external
https://bugzilla.redhat.com/show_bug.cgi?id=2308615	external
https://bugzilla.redhat.com/show_bug.cgi?id=2308616	external
https://bugzilla.redhat.com/show_bug.cgi?id=2308617	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2024-45490	self
https://bugzilla.redhat.com/show_bug.cgi?id=2308615	external
https://www.cve.org/CVERecord?id=CVE-2024-45490	external
https://nvd.nist.gov/vuln/detail/CVE-2024-45490	external
https://github.com/libexpat/libexpat/blob/R_2_6_3…	external
https://github.com/libexpat/libexpat/issues/887	external
https://github.com/libexpat/libexpat/pull/890	external
https://access.redhat.com/security/cve/CVE-2024-45491	self
https://bugzilla.redhat.com/show_bug.cgi?id=2308616	external
https://www.cve.org/CVERecord?id=CVE-2024-45491	external
https://nvd.nist.gov/vuln/detail/CVE-2024-45491	external
https://github.com/libexpat/libexpat/issues/888	external
https://github.com/libexpat/libexpat/pull/891	external
https://access.redhat.com/security/cve/CVE-2024-45492	self
https://bugzilla.redhat.com/show_bug.cgi?id=2308617	external
https://www.cve.org/CVERecord?id=CVE-2024-45492	external
https://nvd.nist.gov/vuln/detail/CVE-2024-45492	external
https://github.com/libexpat/libexpat/issues/889	external
https://github.com/libexpat/libexpat/pull/892	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for expat is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Expat is a C library for parsing XML documents.\n\nSecurity Fix(es):\n\n* libexpat: Negative Length Parsing Vulnerability in libexpat (CVE-2024-45490)\n\n* libexpat: Integer Overflow or Wraparound (CVE-2024-45491)\n\n* libexpat: integer overflow (CVE-2024-45492)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:6754",
        "url": "https://access.redhat.com/errata/RHSA-2024:6754"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "2308615",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308615"
      },
      {
        "category": "external",
        "summary": "2308616",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308616"
      },
      {
        "category": "external",
        "summary": "2308617",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308617"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_6754.json"
      }
    ],
    "title": "Red Hat Security Advisory: expat security update",
    "tracking": {
      "current_release_date": "2026-06-02T15:17:08+00:00",
      "generator": {
        "date": "2026-06-02T15:17:08+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.1"
        }
      },
      "id": "RHSA-2024:6754",
      "initial_release_date": "2024-09-18T12:01:55+00:00",
      "revision_history": [
        {
          "date": "2024-09-18T12:01:55+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-09-18T12:01:55+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-02T15:17:08+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AppStream (v. 9)",
                "product": {
                  "name": "Red Hat Enterprise Linux AppStream (v. 9)",
                  "product_id": "AppStream-9.4.0.Z.MAIN.EUS",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux BaseOS (v. 9)",
                "product": {
                  "name": "Red Hat Enterprise Linux BaseOS (v. 9)",
                  "product_id": "BaseOS-9.4.0.Z.MAIN.EUS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:9::baseos"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "expat-devel-0:2.5.0-2.el9_4.1.aarch64",
                "product": {
                  "name": "expat-devel-0:2.5.0-2.el9_4.1.aarch64",
                  "product_id": "expat-devel-0:2.5.0-2.el9_4.1.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/expat-devel@2.5.0-2.el9_4.1?arch=aarch64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "expat-debugsource-0:2.5.0-2.el9_4.1.aarch64",
                "product": {
                  "name": "expat-debugsource-0:2.5.0-2.el9_4.1.aarch64",
                  "product_id": "expat-debugsource-0:2.5.0-2.el9_4.1.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/expat-debugsource@2.5.0-2.el9_4.1?arch=aarch64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "expat-debuginfo-0:2.5.0-2.el9_4.1.aarch64",
                "product": {
                  "name": "expat-debuginfo-0:2.5.0-2.el9_4.1.aarch64",
                  "product_id": "expat-debuginfo-0:2.5.0-2.el9_4.1.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/expat-debuginfo@2.5.0-2.el9_4.1?arch=aarch64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "expat-0:2.5.0-2.el9_4.1.aarch64",
                "product": {
                  "name": "expat-0:2.5.0-2.el9_4.1.aarch64",
                  "product_id": "expat-0:2.5.0-2.el9_4.1.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/expat@2.5.0-2.el9_4.1?arch=aarch64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "expat-devel-0:2.5.0-2.el9_4.1.ppc64le",
                "product": {
                  "name": "expat-devel-0:2.5.0-2.el9_4.1.ppc64le",
                  "product_id": "expat-devel-0:2.5.0-2.el9_4.1.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/expat-devel@2.5.0-2.el9_4.1?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "expat-debugsource-0:2.5.0-2.el9_4.1.ppc64le",
                "product": {
                  "name": "expat-debugsource-0:2.5.0-2.el9_4.1.ppc64le",
                  "product_id": "expat-debugsource-0:2.5.0-2.el9_4.1.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/expat-debugsource@2.5.0-2.el9_4.1?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "expat-debuginfo-0:2.5.0-2.el9_4.1.ppc64le",
                "product": {
                  "name": "expat-debuginfo-0:2.5.0-2.el9_4.1.ppc64le",
                  "product_id": "expat-debuginfo-0:2.5.0-2.el9_4.1.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/expat-debuginfo@2.5.0-2.el9_4.1?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "expat-0:2.5.0-2.el9_4.1.ppc64le",
                "product": {
                  "name": "expat-0:2.5.0-2.el9_4.1.ppc64le",
                  "product_id": "expat-0:2.5.0-2.el9_4.1.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/expat@2.5.0-2.el9_4.1?arch=ppc64le"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "expat-devel-0:2.5.0-2.el9_4.1.i686",
                "product": {
                  "name": "expat-devel-0:2.5.0-2.el9_4.1.i686",
                  "product_id": "expat-devel-0:2.5.0-2.el9_4.1.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/expat-devel@2.5.0-2.el9_4.1?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "expat-debugsource-0:2.5.0-2.el9_4.1.i686",
                "product": {
                  "name": "expat-debugsource-0:2.5.0-2.el9_4.1.i686",
                  "product_id": "expat-debugsource-0:2.5.0-2.el9_4.1.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/expat-debugsource@2.5.0-2.el9_4.1?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "expat-debuginfo-0:2.5.0-2.el9_4.1.i686",
                "product": {
                  "name": "expat-debuginfo-0:2.5.0-2.el9_4.1.i686",
                  "product_id": "expat-debuginfo-0:2.5.0-2.el9_4.1.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/expat-debuginfo@2.5.0-2.el9_4.1?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "expat-0:2.5.0-2.el9_4.1.i686",
                "product": {
                  "name": "expat-0:2.5.0-2.el9_4.1.i686",
                  "product_id": "expat-0:2.5.0-2.el9_4.1.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/expat@2.5.0-2.el9_4.1?arch=i686"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i686"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "expat-devel-0:2.5.0-2.el9_4.1.x86_64",
                "product": {
                  "name": "expat-devel-0:2.5.0-2.el9_4.1.x86_64",
                  "product_id": "expat-devel-0:2.5.0-2.el9_4.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/expat-devel@2.5.0-2.el9_4.1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "expat-debugsource-0:2.5.0-2.el9_4.1.x86_64",
                "product": {
                  "name": "expat-debugsource-0:2.5.0-2.el9_4.1.x86_64",
                  "product_id": "expat-debugsource-0:2.5.0-2.el9_4.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/expat-debugsource@2.5.0-2.el9_4.1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "expat-debuginfo-0:2.5.0-2.el9_4.1.x86_64",
                "product": {
                  "name": "expat-debuginfo-0:2.5.0-2.el9_4.1.x86_64",
                  "product_id": "expat-debuginfo-0:2.5.0-2.el9_4.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/expat-debuginfo@2.5.0-2.el9_4.1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "expat-0:2.5.0-2.el9_4.1.x86_64",
                "product": {
                  "name": "expat-0:2.5.0-2.el9_4.1.x86_64",
                  "product_id": "expat-0:2.5.0-2.el9_4.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/expat@2.5.0-2.el9_4.1?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "expat-devel-0:2.5.0-2.el9_4.1.s390x",
                "product": {
                  "name": "expat-devel-0:2.5.0-2.el9_4.1.s390x",
                  "product_id": "expat-devel-0:2.5.0-2.el9_4.1.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/expat-devel@2.5.0-2.el9_4.1?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "expat-debugsource-0:2.5.0-2.el9_4.1.s390x",
                "product": {
                  "name": "expat-debugsource-0:2.5.0-2.el9_4.1.s390x",
                  "product_id": "expat-debugsource-0:2.5.0-2.el9_4.1.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/expat-debugsource@2.5.0-2.el9_4.1?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "expat-debuginfo-0:2.5.0-2.el9_4.1.s390x",
                "product": {
                  "name": "expat-debuginfo-0:2.5.0-2.el9_4.1.s390x",
                  "product_id": "expat-debuginfo-0:2.5.0-2.el9_4.1.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/expat-debuginfo@2.5.0-2.el9_4.1?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "expat-0:2.5.0-2.el9_4.1.s390x",
                "product": {
                  "name": "expat-0:2.5.0-2.el9_4.1.s390x",
                  "product_id": "expat-0:2.5.0-2.el9_4.1.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/expat@2.5.0-2.el9_4.1?arch=s390x"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "expat-0:2.5.0-2.el9_4.1.src",
                "product": {
                  "name": "expat-0:2.5.0-2.el9_4.1.src",
                  "product_id": "expat-0:2.5.0-2.el9_4.1.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/expat@2.5.0-2.el9_4.1?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-0:2.5.0-2.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.aarch64"
        },
        "product_reference": "expat-0:2.5.0-2.el9_4.1.aarch64",
        "relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-0:2.5.0-2.el9_4.1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.i686"
        },
        "product_reference": "expat-0:2.5.0-2.el9_4.1.i686",
        "relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-0:2.5.0-2.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.ppc64le"
        },
        "product_reference": "expat-0:2.5.0-2.el9_4.1.ppc64le",
        "relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-0:2.5.0-2.el9_4.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.s390x"
        },
        "product_reference": "expat-0:2.5.0-2.el9_4.1.s390x",
        "relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-0:2.5.0-2.el9_4.1.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.src"
        },
        "product_reference": "expat-0:2.5.0-2.el9_4.1.src",
        "relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-0:2.5.0-2.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.x86_64"
        },
        "product_reference": "expat-0:2.5.0-2.el9_4.1.x86_64",
        "relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-debuginfo-0:2.5.0-2.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.aarch64"
        },
        "product_reference": "expat-debuginfo-0:2.5.0-2.el9_4.1.aarch64",
        "relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-debuginfo-0:2.5.0-2.el9_4.1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.i686"
        },
        "product_reference": "expat-debuginfo-0:2.5.0-2.el9_4.1.i686",
        "relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-debuginfo-0:2.5.0-2.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.ppc64le"
        },
        "product_reference": "expat-debuginfo-0:2.5.0-2.el9_4.1.ppc64le",
        "relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-debuginfo-0:2.5.0-2.el9_4.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.s390x"
        },
        "product_reference": "expat-debuginfo-0:2.5.0-2.el9_4.1.s390x",
        "relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-debuginfo-0:2.5.0-2.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.x86_64"
        },
        "product_reference": "expat-debuginfo-0:2.5.0-2.el9_4.1.x86_64",
        "relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-debugsource-0:2.5.0-2.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.aarch64"
        },
        "product_reference": "expat-debugsource-0:2.5.0-2.el9_4.1.aarch64",
        "relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-debugsource-0:2.5.0-2.el9_4.1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.i686"
        },
        "product_reference": "expat-debugsource-0:2.5.0-2.el9_4.1.i686",
        "relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-debugsource-0:2.5.0-2.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.ppc64le"
        },
        "product_reference": "expat-debugsource-0:2.5.0-2.el9_4.1.ppc64le",
        "relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-debugsource-0:2.5.0-2.el9_4.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.s390x"
        },
        "product_reference": "expat-debugsource-0:2.5.0-2.el9_4.1.s390x",
        "relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-debugsource-0:2.5.0-2.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.x86_64"
        },
        "product_reference": "expat-debugsource-0:2.5.0-2.el9_4.1.x86_64",
        "relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-devel-0:2.5.0-2.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.aarch64"
        },
        "product_reference": "expat-devel-0:2.5.0-2.el9_4.1.aarch64",
        "relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-devel-0:2.5.0-2.el9_4.1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.i686"
        },
        "product_reference": "expat-devel-0:2.5.0-2.el9_4.1.i686",
        "relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-devel-0:2.5.0-2.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.ppc64le"
        },
        "product_reference": "expat-devel-0:2.5.0-2.el9_4.1.ppc64le",
        "relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-devel-0:2.5.0-2.el9_4.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.s390x"
        },
        "product_reference": "expat-devel-0:2.5.0-2.el9_4.1.s390x",
        "relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-devel-0:2.5.0-2.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.x86_64"
        },
        "product_reference": "expat-devel-0:2.5.0-2.el9_4.1.x86_64",
        "relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-0:2.5.0-2.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.aarch64"
        },
        "product_reference": "expat-0:2.5.0-2.el9_4.1.aarch64",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-0:2.5.0-2.el9_4.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.i686"
        },
        "product_reference": "expat-0:2.5.0-2.el9_4.1.i686",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-0:2.5.0-2.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.ppc64le"
        },
        "product_reference": "expat-0:2.5.0-2.el9_4.1.ppc64le",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-0:2.5.0-2.el9_4.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.s390x"
        },
        "product_reference": "expat-0:2.5.0-2.el9_4.1.s390x",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-0:2.5.0-2.el9_4.1.src as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.src"
        },
        "product_reference": "expat-0:2.5.0-2.el9_4.1.src",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-0:2.5.0-2.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.x86_64"
        },
        "product_reference": "expat-0:2.5.0-2.el9_4.1.x86_64",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-debuginfo-0:2.5.0-2.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.aarch64"
        },
        "product_reference": "expat-debuginfo-0:2.5.0-2.el9_4.1.aarch64",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-debuginfo-0:2.5.0-2.el9_4.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.i686"
        },
        "product_reference": "expat-debuginfo-0:2.5.0-2.el9_4.1.i686",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-debuginfo-0:2.5.0-2.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.ppc64le"
        },
        "product_reference": "expat-debuginfo-0:2.5.0-2.el9_4.1.ppc64le",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-debuginfo-0:2.5.0-2.el9_4.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.s390x"
        },
        "product_reference": "expat-debuginfo-0:2.5.0-2.el9_4.1.s390x",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-debuginfo-0:2.5.0-2.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.x86_64"
        },
        "product_reference": "expat-debuginfo-0:2.5.0-2.el9_4.1.x86_64",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-debugsource-0:2.5.0-2.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.aarch64"
        },
        "product_reference": "expat-debugsource-0:2.5.0-2.el9_4.1.aarch64",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-debugsource-0:2.5.0-2.el9_4.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.i686"
        },
        "product_reference": "expat-debugsource-0:2.5.0-2.el9_4.1.i686",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-debugsource-0:2.5.0-2.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.ppc64le"
        },
        "product_reference": "expat-debugsource-0:2.5.0-2.el9_4.1.ppc64le",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-debugsource-0:2.5.0-2.el9_4.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.s390x"
        },
        "product_reference": "expat-debugsource-0:2.5.0-2.el9_4.1.s390x",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-debugsource-0:2.5.0-2.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.x86_64"
        },
        "product_reference": "expat-debugsource-0:2.5.0-2.el9_4.1.x86_64",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-devel-0:2.5.0-2.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.aarch64"
        },
        "product_reference": "expat-devel-0:2.5.0-2.el9_4.1.aarch64",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-devel-0:2.5.0-2.el9_4.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.i686"
        },
        "product_reference": "expat-devel-0:2.5.0-2.el9_4.1.i686",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-devel-0:2.5.0-2.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.ppc64le"
        },
        "product_reference": "expat-devel-0:2.5.0-2.el9_4.1.ppc64le",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-devel-0:2.5.0-2.el9_4.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.s390x"
        },
        "product_reference": "expat-devel-0:2.5.0-2.el9_4.1.s390x",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "expat-devel-0:2.5.0-2.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.x86_64"
        },
        "product_reference": "expat-devel-0:2.5.0-2.el9_4.1.x86_64",
        "relates_to_product_reference": "BaseOS-9.4.0.Z.MAIN.EUS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-45490",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "discovery_date": "2024-08-30T03:20:06.675968+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2308615"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in libexpat\u0027s xmlparse.c component. This vulnerability allows an attacker to cause improper handling of XML data by providing a negative length value to the XML_ParseBuffer function.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "libexpat: Negative Length Parsing Vulnerability in libexpat",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The CVE-2024-45490 vulnerability is rated as moderate severity because while it allows for memory corruption through improper argument handling in XML_ParseBuffer, the exploitability is limited. Specifically, it requires an unlikely scenario where the input passed to the function has a negative length (len \u003c 0), which would typically not occur in well-formed applications. Moreover, while the impact includes denial of service (DoS), the conditions necessary for arbitrary code execution are non-trivial, requiring specific exploitation of memory corruption. Since it primarily leads to application crashes without an easily accessible attack vector for remote code execution, the risk is lower compared to higher-severity vulnerabilities that offer more direct pathways to exploitation.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.aarch64",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.i686",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.ppc64le",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.s390x",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.src",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.x86_64",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.aarch64",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.i686",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.ppc64le",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.s390x",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.x86_64",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.aarch64",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.i686",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.ppc64le",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.s390x",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.x86_64",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.aarch64",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.i686",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.ppc64le",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.s390x",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.x86_64",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.aarch64",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.i686",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.ppc64le",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.s390x",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.src",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.x86_64",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.aarch64",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.i686",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.ppc64le",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.s390x",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.x86_64",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.aarch64",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.i686",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.ppc64le",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.s390x",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.x86_64",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.aarch64",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.i686",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.ppc64le",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.s390x",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-45490"
        },
        {
          "category": "external",
          "summary": "RHBZ#2308615",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308615"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-45490",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-45490"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45490",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45490"
        },
        {
          "category": "external",
          "summary": "https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes",
          "url": "https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes"
        },
        {
          "category": "external",
          "summary": "https://github.com/libexpat/libexpat/issues/887",
          "url": "https://github.com/libexpat/libexpat/issues/887"
        },
        {
          "category": "external",
          "summary": "https://github.com/libexpat/libexpat/pull/890",
          "url": "https://github.com/libexpat/libexpat/pull/890"
        }
      ],
      "release_date": "2024-08-30T03:15:03.757000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-09-18T12:01:55+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.i686",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.s390x",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.src",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.i686",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.s390x",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.i686",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.s390x",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.i686",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.s390x",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.i686",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.src",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.i686",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.i686",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.i686",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:6754"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.i686",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.s390x",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.src",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.i686",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.s390x",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.i686",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.s390x",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.i686",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.s390x",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.i686",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.src",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.i686",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.i686",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.i686",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.i686",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.s390x",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.src",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.i686",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.s390x",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.i686",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.s390x",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.i686",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.s390x",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.i686",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.src",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.i686",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.i686",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.i686",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "libexpat: Negative Length Parsing Vulnerability in libexpat"
    },
    {
      "cve": "CVE-2024-45491",
      "discovery_date": "2024-08-30T03:20:09.474759+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2308616"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An issue was found in libexpat\u2019s internal dtdCopy function in xmlparse.c, It can have an integer overflow for nDefaultAtts on 32-bit platforms where UINT_MAX equals SIZE_MAX.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "libexpat: Integer Overflow or Wraparound",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is classified as Moderate severity rather than Important due to its reliance on specific conditions for exploitation. The integer overflow in dtdCopy affecting nDefaultAtts is limited to 32-bit platforms, reducing the attack surface as many modern systems operate on 64-bit architectures. Additionally, while the impact can lead to denial of service and potentially arbitrary code execution, the latter requires precise manipulation of the overflow condition, which may be non-trivial for attackers to achieve reliably. The constrained platform scope and the complexity of exploitation lower the overall severity, though it still poses a risk in environments where 32-bit systems are prevalent.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.aarch64",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.i686",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.ppc64le",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.s390x",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.src",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.x86_64",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.aarch64",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.i686",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.ppc64le",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.s390x",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.x86_64",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.aarch64",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.i686",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.ppc64le",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.s390x",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.x86_64",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.aarch64",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.i686",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.ppc64le",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.s390x",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.x86_64",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.aarch64",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.i686",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.ppc64le",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.s390x",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.src",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.x86_64",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.aarch64",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.i686",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.ppc64le",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.s390x",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.x86_64",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.aarch64",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.i686",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.ppc64le",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.s390x",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.x86_64",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.aarch64",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.i686",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.ppc64le",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.s390x",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-45491"
        },
        {
          "category": "external",
          "summary": "RHBZ#2308616",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308616"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-45491",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-45491"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45491",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45491"
        },
        {
          "category": "external",
          "summary": "https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes",
          "url": "https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes"
        },
        {
          "category": "external",
          "summary": "https://github.com/libexpat/libexpat/issues/888",
          "url": "https://github.com/libexpat/libexpat/issues/888"
        },
        {
          "category": "external",
          "summary": "https://github.com/libexpat/libexpat/pull/891",
          "url": "https://github.com/libexpat/libexpat/pull/891"
        }
      ],
      "release_date": "2024-08-30T03:15:03.850000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-09-18T12:01:55+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.i686",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.s390x",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.src",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.i686",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.s390x",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.i686",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.s390x",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.i686",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.s390x",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.i686",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.src",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.i686",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.i686",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.i686",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:6754"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.i686",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.s390x",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.src",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.i686",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.s390x",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.i686",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.s390x",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.i686",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.s390x",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.i686",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.src",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.i686",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.i686",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.i686",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.i686",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.s390x",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.src",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.i686",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.s390x",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.i686",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.s390x",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.i686",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.s390x",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.i686",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.src",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.i686",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.i686",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.i686",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "libexpat: Integer Overflow or Wraparound"
    },
    {
      "cve": "CVE-2024-45492",
      "discovery_date": "2024-08-30T03:20:11.638476+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2308617"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in libexpat\u0027s internal nextScaffoldPart function in xmlparse.c. It can have an integer overflow for m_groupSize on 32-bit platforms where UINT_MAX equals SIZE_MAX.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "libexpat: integer overflow",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "CVE-2024-45492 is categorized as a Moderate severity issue rather than Important due to the specific conditions required for exploitation and the limited scope of impact. While an integer overflow in the nextScaffoldPart function on 32-bit platforms can potentially lead to denial of service (DoS) or, in rare cases, arbitrary code execution, the vulnerability is platform-specific, affecting only 32-bit architectures with particular handling of UINT_MAX and SIZE_MAX. Additionally, exploiting the overflow for arbitrary code execution would require precise manipulation of memory, making it a less likely attack vector. The primary risk of DoS, without guaranteed escalation to remote code execution, further justifies the moderate severity classification.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.aarch64",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.i686",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.ppc64le",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.s390x",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.src",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.x86_64",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.aarch64",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.i686",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.ppc64le",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.s390x",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.x86_64",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.aarch64",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.i686",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.ppc64le",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.s390x",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.x86_64",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.aarch64",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.i686",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.ppc64le",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.s390x",
          "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.x86_64",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.aarch64",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.i686",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.ppc64le",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.s390x",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.src",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.x86_64",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.aarch64",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.i686",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.ppc64le",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.s390x",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.x86_64",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.aarch64",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.i686",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.ppc64le",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.s390x",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.x86_64",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.aarch64",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.i686",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.ppc64le",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.s390x",
          "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-45492"
        },
        {
          "category": "external",
          "summary": "RHBZ#2308617",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308617"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-45492",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-45492"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45492",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45492"
        },
        {
          "category": "external",
          "summary": "https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes",
          "url": "https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes"
        },
        {
          "category": "external",
          "summary": "https://github.com/libexpat/libexpat/issues/889",
          "url": "https://github.com/libexpat/libexpat/issues/889"
        },
        {
          "category": "external",
          "summary": "https://github.com/libexpat/libexpat/pull/892",
          "url": "https://github.com/libexpat/libexpat/pull/892"
        }
      ],
      "release_date": "2024-08-30T03:15:03.930000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-09-18T12:01:55+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.i686",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.s390x",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.src",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.i686",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.s390x",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.i686",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.s390x",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.i686",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.s390x",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.i686",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.src",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.i686",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.i686",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.i686",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:6754"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.i686",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.s390x",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.src",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.i686",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.s390x",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.i686",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.s390x",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.i686",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.s390x",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.i686",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.src",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.i686",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.i686",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.i686",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.i686",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.s390x",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.src",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.i686",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.s390x",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.i686",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.s390x",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.x86_64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.aarch64",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.i686",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.ppc64le",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.s390x",
            "AppStream-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.i686",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.src",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-0:2.5.0-2.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.i686",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-2.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.i686",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-2.el9_4.1.x86_64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.aarch64",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.i686",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.ppc64le",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.s390x",
            "BaseOS-9.4.0.Z.MAIN.EUS:expat-devel-0:2.5.0-2.el9_4.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "libexpat: integer overflow"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-45490 (GCVE-0-2024-45490)

Tags

Sightings

Nomenclature