Vulnerability-Lookup

CVE-2025-22113 (GCVE-0-2025-22113)

Vulnerability from cvelistv5 – Published: 2025-04-16 14:12 – Updated: 2026-05-11 21:13

Title

ext4: avoid journaling sb update on error if journal is destroying

Summary

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid journaling sb update on error if journal is destroying Presently we always BUG_ON if trying to start a transaction on a journal marked with JBD2_UNMOUNT, since this should never happen. However, while ltp running stress tests, it was observed that in case of some error handling paths, it is possible for update_super_work to start a transaction after the journal is destroyed eg: (umount) ext4_kill_sb kill_block_super generic_shutdown_super sync_filesystem /* commits all txns */ evict_inodes /* might start a new txn */ ext4_put_super flush_work(&sbi->s_sb_upd_work) /* flush the workqueue */ jbd2_journal_destroy journal_kill_thread journal->j_flags |= JBD2_UNMOUNT; jbd2_journal_commit_transaction jbd2_journal_get_descriptor_buffer jbd2_journal_bmap ext4_journal_bmap ext4_map_blocks ... ext4_inode_error ext4_handle_error schedule_work(&sbi->s_sb_upd_work) /* work queue kicks in */ update_super_work jbd2_journal_start start_this_handle BUG_ON(journal->j_flags & JBD2_UNMOUNT) Hence, introduce a new mount flag to indicate journal is destroying and only do a journaled (and deferred) update of sb if this flag is not set. Otherwise, just fallback to an un-journaled commit. Further, in the journal destroy path, we have the following sequence: 1. Set mount flag indicating journal is destroying 2. force a commit and wait for it 3. flush pending sb updates This sequence is important as it ensures that, after this point, there is no sb update that might be journaled so it is safe to update the sb outside the journal. (To avoid race discussed in 2d01ddc86606) Also, we don't need a similar check in ext4_grp_locked_error since it is only called from mballoc and AFAICT it would be always valid to schedule work here.

Severity

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Assigner

Linux

References

3 references

URL	Tags
https://git.kernel.org/stable/c/eddca44ddf810e27f…
https://git.kernel.org/stable/c/db05767b5bc307143…
https://git.kernel.org/stable/c/ce2f26e73783b4a7c…

Impacted products

2 products

Vendor	Product	Version
Linux	Linux	Affected: 2d01ddc86606564fb08c56e3bc93a0693895f710 , < eddca44ddf810e27f0c96913aa3cc92ebd679ddb (git) Affected: 2d01ddc86606564fb08c56e3bc93a0693895f710 , < db05767b5bc307143d99fe2afd8c43af58d2ebef (git) Affected: 2d01ddc86606564fb08c56e3bc93a0693895f710 , < ce2f26e73783b4a7c46a86e3af5b5c8de0971790 (git)
Linux	Linux	Affected: 5.11 Unaffected: 0 , < 5.11 (semver) Unaffected: 6.12.46 , ≤ 6.12.* (semver) Unaffected: 6.14.2 , ≤ 6.14.* (semver) Unaffected: 6.15 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/ext4/ext4.h",
            "fs/ext4/ext4_jbd2.h",
            "fs/ext4/super.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "eddca44ddf810e27f0c96913aa3cc92ebd679ddb",
              "status": "affected",
              "version": "2d01ddc86606564fb08c56e3bc93a0693895f710",
              "versionType": "git"
            },
            {
              "lessThan": "db05767b5bc307143d99fe2afd8c43af58d2ebef",
              "status": "affected",
              "version": "2d01ddc86606564fb08c56e3bc93a0693895f710",
              "versionType": "git"
            },
            {
              "lessThan": "ce2f26e73783b4a7c46a86e3af5b5c8de0971790",
              "status": "affected",
              "version": "2d01ddc86606564fb08c56e3bc93a0693895f710",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/ext4/ext4.h",
            "fs/ext4/ext4_jbd2.h",
            "fs/ext4/super.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.11"
            },
            {
              "lessThan": "5.11",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.46",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.14.*",
              "status": "unaffected",
              "version": "6.14.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.46",
                  "versionStartIncluding": "5.11",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.14.2",
                  "versionStartIncluding": "5.11",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.15",
                  "versionStartIncluding": "5.11",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid journaling sb update on error if journal is destroying\n\nPresently we always BUG_ON if trying to start a transaction on a journal marked\nwith JBD2_UNMOUNT, since this should never happen. However, while ltp running\nstress tests, it was observed that in case of some error handling paths, it is\npossible for update_super_work to start a transaction after the journal is\ndestroyed eg:\n\n(umount)\next4_kill_sb\n  kill_block_super\n    generic_shutdown_super\n      sync_filesystem /* commits all txns */\n      evict_inodes\n        /* might start a new txn */\n      ext4_put_super\n\tflush_work(\u0026sbi-\u003es_sb_upd_work) /* flush the workqueue */\n        jbd2_journal_destroy\n          journal_kill_thread\n            journal-\u003ej_flags |= JBD2_UNMOUNT;\n          jbd2_journal_commit_transaction\n            jbd2_journal_get_descriptor_buffer\n              jbd2_journal_bmap\n                ext4_journal_bmap\n                  ext4_map_blocks\n                    ...\n                    ext4_inode_error\n                      ext4_handle_error\n                        schedule_work(\u0026sbi-\u003es_sb_upd_work)\n\n                                               /* work queue kicks in */\n                                               update_super_work\n                                                 jbd2_journal_start\n                                                   start_this_handle\n                                                     BUG_ON(journal-\u003ej_flags \u0026\n                                                            JBD2_UNMOUNT)\n\nHence, introduce a new mount flag to indicate journal is destroying and only do\na journaled (and deferred) update of sb if this flag is not set. Otherwise, just\nfallback to an un-journaled commit.\n\nFurther, in the journal destroy path, we have the following sequence:\n\n  1. Set mount flag indicating journal is destroying\n  2. force a commit and wait for it\n  3. flush pending sb updates\n\nThis sequence is important as it ensures that, after this point, there is no sb\nupdate that might be journaled so it is safe to update the sb outside the\njournal. (To avoid race discussed in 2d01ddc86606)\n\nAlso, we don\u0027t need a similar check in ext4_grp_locked_error since it is only\ncalled from mballoc and AFAICT it would be always valid to schedule work here."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T21:13:13.291Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/eddca44ddf810e27f0c96913aa3cc92ebd679ddb"
        },
        {
          "url": "https://git.kernel.org/stable/c/db05767b5bc307143d99fe2afd8c43af58d2ebef"
        },
        {
          "url": "https://git.kernel.org/stable/c/ce2f26e73783b4a7c46a86e3af5b5c8de0971790"
        }
      ],
      "title": "ext4: avoid journaling sb update on error if journal is destroying",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-22113",
    "datePublished": "2025-04-16T14:12:59.228Z",
    "dateReserved": "2024-12-29T08:45:45.821Z",
    "dateUpdated": "2026-05-11T21:13:13.291Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2025-22113",
      "date": "2026-06-06",
      "epss": "0.00022",
      "percentile": "0.06465"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-22113\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-04-16T15:16:05.523\",\"lastModified\":\"2025-11-03T18:38:15.473\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\next4: avoid journaling sb update on error if journal is destroying\\n\\nPresently we always BUG_ON if trying to start a transaction on a journal marked\\nwith JBD2_UNMOUNT, since this should never happen. However, while ltp running\\nstress tests, it was observed that in case of some error handling paths, it is\\npossible for update_super_work to start a transaction after the journal is\\ndestroyed eg:\\n\\n(umount)\\next4_kill_sb\\n  kill_block_super\\n    generic_shutdown_super\\n      sync_filesystem /* commits all txns */\\n      evict_inodes\\n        /* might start a new txn */\\n      ext4_put_super\\n\\tflush_work(\u0026sbi-\u003es_sb_upd_work) /* flush the workqueue */\\n        jbd2_journal_destroy\\n          journal_kill_thread\\n            journal-\u003ej_flags |= JBD2_UNMOUNT;\\n          jbd2_journal_commit_transaction\\n            jbd2_journal_get_descriptor_buffer\\n              jbd2_journal_bmap\\n                ext4_journal_bmap\\n                  ext4_map_blocks\\n                    ...\\n                    ext4_inode_error\\n                      ext4_handle_error\\n                        schedule_work(\u0026sbi-\u003es_sb_upd_work)\\n\\n                                               /* work queue kicks in */\\n                                               update_super_work\\n                                                 jbd2_journal_start\\n                                                   start_this_handle\\n                                                     BUG_ON(journal-\u003ej_flags \u0026\\n                                                            JBD2_UNMOUNT)\\n\\nHence, introduce a new mount flag to indicate journal is destroying and only do\\na journaled (and deferred) update of sb if this flag is not set. Otherwise, just\\nfallback to an un-journaled commit.\\n\\nFurther, in the journal destroy path, we have the following sequence:\\n\\n  1. Set mount flag indicating journal is destroying\\n  2. force a commit and wait for it\\n  3. flush pending sb updates\\n\\nThis sequence is important as it ensures that, after this point, there is no sb\\nupdate that might be journaled so it is safe to update the sb outside the\\njournal. (To avoid race discussed in 2d01ddc86606)\\n\\nAlso, we don\u0027t need a similar check in ext4_grp_locked_error since it is only\\ncalled from mballoc and AFAICT it would be always valid to schedule work here.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ext4: evitar el registro en diario de la actualizaci\u00f3n de sb en caso de error si el diario se est\u00e1 destruyendo. Actualmente, siempre aplicamos BUG_ON al intentar iniciar una transacci\u00f3n en un diario marcado con JBD2_UNMOUNT, ya que esto nunca deber\u00eda ocurrir. Sin embargo, mientras ltp ejecutaba pruebas de estr\u00e9s, se observ\u00f3 que en caso de algunas rutas de gesti\u00f3n de errores, es posible que update_super_work inicie una transacci\u00f3n despu\u00e9s de que el diario se destruya, por ejemplo:  (umount) ext4_kill_sb kill_block_super generic_shutdown_super sync_filesystem /* commits all txns */ evict_inodes /* might start a new txn */ ext4_put_super flush_work(\u0026amp;sbi-\u0026gt;s_sb_upd_work) /* flush the workqueue */ jbd2_journal_destroy journal_kill_thread journal-\u0026gt;j_flags |= JBD2_UNMOUNT; jbd2_journal_commit_transaction jbd2_journal_get_descriptor_buffer jbd2_journal_bmap ext4_journal_bmap ext4_map_blocks ... ext4_inode_error ext4_handle_error schedule_work(\u0026amp;sbi-\u0026gt;s_sb_upd_work) /* work queue kicks in */ update_super_work jbd2_journal_start start_this_handle BUG_ON(journal-\u0026gt;j_flags \u0026amp; JBD2_UNMOUNT)  Por lo tanto, se introduce un nuevo indicador de montaje para indicar que el diario se est\u00e1 destruyendo y solo se realiza una actualizaci\u00f3n registrada (y diferida) de sb si este indicador no est\u00e1 configurado. De lo contrario, simplemente se recurre a una confirmaci\u00f3n no registrada. Adem\u00e1s, en la ruta de destrucci\u00f3n del diario, tenemos la siguiente secuencia: 1. Establecer el indicador de montaje que indica que el diario se est\u00e1 destruyendo 2. forzar una confirmaci\u00f3n y esperarla 3. vaciar las actualizaciones pendientes del sb Esta secuencia es importante ya que garantiza que, despu\u00e9s de este punto, no haya ninguna actualizaci\u00f3n del sb que pueda registrarse, por lo que es seguro actualizar el sb fuera del diario. (Para evitar la ejecuci\u00f3n discutida en 2d01ddc86606) Adem\u00e1s, no necesitamos una comprobaci\u00f3n similar en ext4_grp_locked_error ya que solo se llama desde mballoc y AFAICT siempre ser\u00eda v\u00e1lido programar el trabajo aqu\u00ed.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11.1\",\"versionEndExcluding\":\"6.12.46\",\"matchCriteriaId\":\"5C3E0226-1D96-489C-9CAB-CBB34108B4BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.13\",\"versionEndExcluding\":\"6.14.2\",\"matchCriteriaId\":\"633A38C1-75C8-452D-8F1C-DA0269FD2687\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.11:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AD3510E-E8FA-47F3-9AD5-D8EA4A2719D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.11:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"A330B043-47EA-4D06-82BF-153A1735FC11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.11:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0EE963C-B36C-4143-96A9-65BCA7D8F2EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.11:rc6:*:*:*:*:*:*\",\"matchCriteriaId\":\"B511E2F6-2917-4797-8909-8F7EA4870C7B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.11:rc7:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9FA9D80-C790-41EA-8A21-DF7B170465E0\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/ce2f26e73783b4a7c46a86e3af5b5c8de0971790\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/db05767b5bc307143d99fe2afd8c43af58d2ebef\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/eddca44ddf810e27f0c96913aa3cc92ebd679ddb\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}"
  }
}

WID-SEC-W-2025-2855

Vulnerability from csaf_certbund - Published: 2025-12-15 23:00 - Updated: 2025-12-15 23:00

Summary

IBM DataPower Gateway: Mehrere Schwachstellen

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Das DataPower Gateway ist eine Software zur Unterstützung von Unternehmen bei der Erfüllung der Sicherheits- und Integrationsanforderungen.

Angriff: Ein Angreifer kann mehrere Schwachstellen in IBM DataPower Gateway ausnutzen, um beliebigen Programmcode auszuführen, Daten zu manipulieren, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder andere, nicht spezifizierte Angriffe durchzuführen.

Betroffene Betriebssysteme: - Sonstiges - UNIX

CVE-2016-10044

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-39500

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-42265

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-42291

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-42294

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-42304

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-42312

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-42316

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-42321

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-43828

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-43846

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-43853

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-43871

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-43898

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-44958

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-44975

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-44987

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-44989

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-45022

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-46750

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-46787

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-47660

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-47668

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-47678

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-47685

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-47700

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-47705

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-47706

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-47710

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-47719

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-47745

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-49851

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-49860

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-49870

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-49875

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-49881

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-49882

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-49883

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-49884

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-49885

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-49886

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-49889

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-49927

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-49933

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-49935

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-49954

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-49959

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-49960

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-49962

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-49968

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-49975

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-49983

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-49994

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-50002

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-50006

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-50014

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-50015

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-50019

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-50024

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-50027

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-50028

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-50038

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-50039

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-50046

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-50055

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-50058

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-50064

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-50067

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-50073

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-50074

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-50081

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-50082

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-50101

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-50106

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-50141

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-50153

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-50169

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-50186

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-50191

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-50200

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-50215

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-50256

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-50271

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-50272

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-50301

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-53044

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-53057

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-53070

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-53082

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-53085

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-53096

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-53097

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-53103

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-53105

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-53110

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-53117

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-53118

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-53124

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-53136

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-53142

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-53160

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-53166

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-53173

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-53174

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-53203

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-53222

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-53681

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-56558

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-56566

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-56600

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-56601

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-56611

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-56644

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-56647

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-56688

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-56693

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-56783

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-57843

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-57884

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-57888

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2024-57929

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2025-21666

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2025-21669

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2025-21694

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2025-21999

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2025-22058

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2025-22113

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2025-22121

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2025-37785

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2025-38089

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2025-38200

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2025-38461

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

CVE-2025-8058

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM DataPower Gateway <10.6.6.0 IBM / DataPower Gateway		<10.6.6.0

References

3 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://www.ibm.com/support/pages/node/7254810	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Das DataPower Gateway ist eine Software zur Unterst\u00fctzung von Unternehmen bei der Erf\u00fcllung der Sicherheits- und Integrationsanforderungen.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in IBM DataPower Gateway ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder andere, nicht spezifizierte Angriffe durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges\n- UNIX",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-2855 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2855.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-2855 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2855"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7254810 vom 2025-12-15",
        "url": "https://www.ibm.com/support/pages/node/7254810"
      }
    ],
    "source_lang": "en-US",
    "title": "IBM DataPower Gateway: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-12-15T23:00:00.000+00:00",
      "generator": {
        "date": "2025-12-16T11:15:03.684+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2025-2855",
      "initial_release_date": "2025-12-15T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-12-15T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c10.6.6.0",
                "product": {
                  "name": "IBM DataPower Gateway \u003c10.6.6.0",
                  "product_id": "T049457"
                }
              },
              {
                "category": "product_version",
                "name": "10.6.6.0",
                "product": {
                  "name": "IBM DataPower Gateway 10.6.6.0",
                  "product_id": "T049457-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:datapower_gateway:10.6.6.0"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "DataPower Gateway"
          }
        ],
        "category": "vendor",
        "name": "IBM"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2016-10044",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2016-10044"
    },
    {
      "cve": "CVE-2024-39500",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-39500"
    },
    {
      "cve": "CVE-2024-42265",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-42265"
    },
    {
      "cve": "CVE-2024-42291",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-42291"
    },
    {
      "cve": "CVE-2024-42294",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-42294"
    },
    {
      "cve": "CVE-2024-42304",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-42304"
    },
    {
      "cve": "CVE-2024-42312",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-42312"
    },
    {
      "cve": "CVE-2024-42316",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-42316"
    },
    {
      "cve": "CVE-2024-42321",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-42321"
    },
    {
      "cve": "CVE-2024-43828",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-43828"
    },
    {
      "cve": "CVE-2024-43846",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-43846"
    },
    {
      "cve": "CVE-2024-43853",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-43853"
    },
    {
      "cve": "CVE-2024-43871",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-43871"
    },
    {
      "cve": "CVE-2024-43898",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-43898"
    },
    {
      "cve": "CVE-2024-44958",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-44958"
    },
    {
      "cve": "CVE-2024-44975",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-44975"
    },
    {
      "cve": "CVE-2024-44987",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-44987"
    },
    {
      "cve": "CVE-2024-44989",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-44989"
    },
    {
      "cve": "CVE-2024-45022",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-45022"
    },
    {
      "cve": "CVE-2024-46750",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-46750"
    },
    {
      "cve": "CVE-2024-46787",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-46787"
    },
    {
      "cve": "CVE-2024-47660",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-47660"
    },
    {
      "cve": "CVE-2024-47668",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-47668"
    },
    {
      "cve": "CVE-2024-47678",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-47678"
    },
    {
      "cve": "CVE-2024-47685",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-47685"
    },
    {
      "cve": "CVE-2024-47700",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-47700"
    },
    {
      "cve": "CVE-2024-47705",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-47705"
    },
    {
      "cve": "CVE-2024-47706",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-47706"
    },
    {
      "cve": "CVE-2024-47710",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-47710"
    },
    {
      "cve": "CVE-2024-47719",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-47719"
    },
    {
      "cve": "CVE-2024-47745",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-47745"
    },
    {
      "cve": "CVE-2024-49851",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-49851"
    },
    {
      "cve": "CVE-2024-49860",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-49860"
    },
    {
      "cve": "CVE-2024-49870",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-49870"
    },
    {
      "cve": "CVE-2024-49875",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-49875"
    },
    {
      "cve": "CVE-2024-49881",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-49881"
    },
    {
      "cve": "CVE-2024-49882",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-49882"
    },
    {
      "cve": "CVE-2024-49883",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-49883"
    },
    {
      "cve": "CVE-2024-49884",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-49884"
    },
    {
      "cve": "CVE-2024-49885",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-49885"
    },
    {
      "cve": "CVE-2024-49886",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-49886"
    },
    {
      "cve": "CVE-2024-49889",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-49889"
    },
    {
      "cve": "CVE-2024-49927",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-49927"
    },
    {
      "cve": "CVE-2024-49933",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-49933"
    },
    {
      "cve": "CVE-2024-49935",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-49935"
    },
    {
      "cve": "CVE-2024-49954",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-49954"
    },
    {
      "cve": "CVE-2024-49959",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-49959"
    },
    {
      "cve": "CVE-2024-49960",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-49960"
    },
    {
      "cve": "CVE-2024-49962",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-49962"
    },
    {
      "cve": "CVE-2024-49968",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-49968"
    },
    {
      "cve": "CVE-2024-49975",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-49975"
    },
    {
      "cve": "CVE-2024-49983",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-49983"
    },
    {
      "cve": "CVE-2024-49994",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-49994"
    },
    {
      "cve": "CVE-2024-50002",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-50002"
    },
    {
      "cve": "CVE-2024-50006",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-50006"
    },
    {
      "cve": "CVE-2024-50014",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-50014"
    },
    {
      "cve": "CVE-2024-50015",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-50015"
    },
    {
      "cve": "CVE-2024-50019",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-50019"
    },
    {
      "cve": "CVE-2024-50024",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-50024"
    },
    {
      "cve": "CVE-2024-50027",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-50027"
    },
    {
      "cve": "CVE-2024-50028",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-50028"
    },
    {
      "cve": "CVE-2024-50038",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-50038"
    },
    {
      "cve": "CVE-2024-50039",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-50039"
    },
    {
      "cve": "CVE-2024-50046",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-50046"
    },
    {
      "cve": "CVE-2024-50055",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-50055"
    },
    {
      "cve": "CVE-2024-50058",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-50058"
    },
    {
      "cve": "CVE-2024-50064",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-50064"
    },
    {
      "cve": "CVE-2024-50067",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-50067"
    },
    {
      "cve": "CVE-2024-50073",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-50073"
    },
    {
      "cve": "CVE-2024-50074",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-50074"
    },
    {
      "cve": "CVE-2024-50081",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-50081"
    },
    {
      "cve": "CVE-2024-50082",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-50082"
    },
    {
      "cve": "CVE-2024-50101",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-50101"
    },
    {
      "cve": "CVE-2024-50106",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-50106"
    },
    {
      "cve": "CVE-2024-50141",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-50141"
    },
    {
      "cve": "CVE-2024-50153",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-50153"
    },
    {
      "cve": "CVE-2024-50169",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-50169"
    },
    {
      "cve": "CVE-2024-50186",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-50186"
    },
    {
      "cve": "CVE-2024-50191",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-50191"
    },
    {
      "cve": "CVE-2024-50200",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-50200"
    },
    {
      "cve": "CVE-2024-50215",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-50215"
    },
    {
      "cve": "CVE-2024-50256",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-50256"
    },
    {
      "cve": "CVE-2024-50271",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-50271"
    },
    {
      "cve": "CVE-2024-50272",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-50272"
    },
    {
      "cve": "CVE-2024-50301",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-50301"
    },
    {
      "cve": "CVE-2024-53044",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-53044"
    },
    {
      "cve": "CVE-2024-53057",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-53057"
    },
    {
      "cve": "CVE-2024-53070",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-53070"
    },
    {
      "cve": "CVE-2024-53082",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-53082"
    },
    {
      "cve": "CVE-2024-53085",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-53085"
    },
    {
      "cve": "CVE-2024-53096",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-53096"
    },
    {
      "cve": "CVE-2024-53097",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-53097"
    },
    {
      "cve": "CVE-2024-53103",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-53103"
    },
    {
      "cve": "CVE-2024-53105",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-53105"
    },
    {
      "cve": "CVE-2024-53110",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-53110"
    },
    {
      "cve": "CVE-2024-53117",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-53117"
    },
    {
      "cve": "CVE-2024-53118",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-53118"
    },
    {
      "cve": "CVE-2024-53124",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-53124"
    },
    {
      "cve": "CVE-2024-53136",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-53136"
    },
    {
      "cve": "CVE-2024-53142",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-53142"
    },
    {
      "cve": "CVE-2024-53160",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-53160"
    },
    {
      "cve": "CVE-2024-53166",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-53166"
    },
    {
      "cve": "CVE-2024-53173",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-53173"
    },
    {
      "cve": "CVE-2024-53174",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-53174"
    },
    {
      "cve": "CVE-2024-53203",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-53203"
    },
    {
      "cve": "CVE-2024-53222",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-53222"
    },
    {
      "cve": "CVE-2024-53681",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-53681"
    },
    {
      "cve": "CVE-2024-56558",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-56558"
    },
    {
      "cve": "CVE-2024-56566",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-56566"
    },
    {
      "cve": "CVE-2024-56600",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-56600"
    },
    {
      "cve": "CVE-2024-56601",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-56601"
    },
    {
      "cve": "CVE-2024-56611",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-56611"
    },
    {
      "cve": "CVE-2024-56644",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-56644"
    },
    {
      "cve": "CVE-2024-56647",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-56647"
    },
    {
      "cve": "CVE-2024-56688",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-56688"
    },
    {
      "cve": "CVE-2024-56693",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-56693"
    },
    {
      "cve": "CVE-2024-56783",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-56783"
    },
    {
      "cve": "CVE-2024-57843",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-57843"
    },
    {
      "cve": "CVE-2024-57884",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-57884"
    },
    {
      "cve": "CVE-2024-57888",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-57888"
    },
    {
      "cve": "CVE-2024-57929",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2024-57929"
    },
    {
      "cve": "CVE-2025-21666",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2025-21666"
    },
    {
      "cve": "CVE-2025-21669",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2025-21669"
    },
    {
      "cve": "CVE-2025-21694",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2025-21694"
    },
    {
      "cve": "CVE-2025-21999",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2025-21999"
    },
    {
      "cve": "CVE-2025-22058",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2025-22058"
    },
    {
      "cve": "CVE-2025-22113",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2025-22113"
    },
    {
      "cve": "CVE-2025-22121",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2025-22121"
    },
    {
      "cve": "CVE-2025-37785",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2025-37785"
    },
    {
      "cve": "CVE-2025-38089",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2025-38089"
    },
    {
      "cve": "CVE-2025-38200",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2025-38200"
    },
    {
      "cve": "CVE-2025-38461",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2025-38461"
    },
    {
      "cve": "CVE-2025-8058",
      "product_status": {
        "known_affected": [
          "T049457"
        ]
      },
      "release_date": "2025-12-15T23:00:00.000+00:00",
      "title": "CVE-2025-8058"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-22113 (GCVE-0-2025-22113)

WID-SEC-W-2025-2855

Tags

Sightings

Nomenclature