Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-31257 (GCVE-0-2025-31257)
Vulnerability from cvelistv5 – Published: 2025-05-12 21:43 – Updated: 2026-05-12 12:04
VLAI
EPSS
Summary
This issue was addressed with improved memory handling. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.
Severity
4.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- Processing maliciously crafted web content may lead to an unexpected Safari crash
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Assigner
References
13 references
Impacted products
7 products
| Vendor | Product | Version | |
|---|---|---|---|
| Apple | Safari |
Affected:
0 , < 18.5
(custom)
|
|
| Apple | iOS and iPadOS |
Affected:
0 , < 18.5
(custom)
|
|
| Apple | macOS |
Affected:
0 , < 15.5
(custom)
|
|
| Apple | tvOS |
Affected:
0 , < 18.5
(custom)
|
|
| Apple | visionOS |
Affected:
0 , < 2.5
(custom)
|
|
| Apple | watchOS |
Affected:
0 , < 11.5
(custom)
|
|
| Siemens | SIMATIC CN 4100 |
Affected:
0 , < V5.0
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-31257",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-13T15:31:38.297730Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-13T15:32:24.197Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:52:32.999Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00016.html"
},
{
"url": "http://seclists.org/fulldisclosure/2025/May/13"
},
{
"url": "http://seclists.org/fulldisclosure/2025/May/12"
},
{
"url": "http://seclists.org/fulldisclosure/2025/May/11"
},
{
"url": "http://seclists.org/fulldisclosure/2025/May/7"
},
{
"url": "http://seclists.org/fulldisclosure/2025/May/5"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC CN 4100",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T12:04:17.048Z",
"orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
"shortName": "siemens-SADP"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-032379.html"
}
],
"x_adpType": "supplier"
}
],
"cna": {
"affected": [
{
"product": "Safari",
"vendor": "Apple",
"versions": [
{
"lessThan": "18.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "18.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "15.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "18.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "visionOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "2.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "11.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed with improved memory handling. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. Processing maliciously crafted web content may lead to an unexpected Safari crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing maliciously crafted web content may lead to an unexpected Safari crash",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T18:25:13.932Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"url": "https://support.apple.com/en-us/122404"
},
{
"url": "https://support.apple.com/en-us/122716"
},
{
"url": "https://support.apple.com/en-us/122719"
},
{
"url": "https://support.apple.com/en-us/122720"
},
{
"url": "https://support.apple.com/en-us/122721"
},
{
"url": "https://support.apple.com/en-us/122722"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2025-31257",
"datePublished": "2025-05-12T21:43:00.387Z",
"dateReserved": "2025-03-27T16:13:58.337Z",
"dateUpdated": "2026-05-12T12:04:17.048Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-31257",
"date": "2026-06-05",
"epss": "0.00807",
"percentile": "0.74561"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-31257\",\"sourceIdentifier\":\"product-security@apple.com\",\"published\":\"2025-05-12T22:15:25.453\",\"lastModified\":\"2026-05-12T13:16:40.767\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"This issue was addressed with improved memory handling. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.\"},{\"lang\":\"es\",\"value\":\"Este problema se solucion\u00f3 mejorando la gesti\u00f3n de la memoria. Est\u00e1 corregido en watchOS 11.5, tvOS 18.5, iOS 18.5 y iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5 y Safari 18.5. El procesamiento de contenido web malintencionado puede provocar un bloqueo inesperado de Safari.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:L\",\"baseScore\":4.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"18.5\",\"matchCriteriaId\":\"2911F28D-586D-4C43-BCE7-A8A77568E183\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"18.5\",\"matchCriteriaId\":\"D0459303-7D14-428D-9C4E-2C743AC9529F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"18.5\",\"matchCriteriaId\":\"AF6AAC00-F384-4B0D-BBA9-C2AD278BF653\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"15.5\",\"matchCriteriaId\":\"EF1B4AB8-2B51-4EED-BD29-C500C83FAB10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"18.5\",\"matchCriteriaId\":\"519C8A39-A24E-44B7-B1E8-6EF647FEFCA8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.5\",\"matchCriteriaId\":\"047CDCCE-04BB-4D43-9831-7694992C5CC4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"11.5\",\"matchCriteriaId\":\"0CBDEF1C-6D76-4F9D-8433-3AC16F3860F4\"}]}]}],\"references\":[{\"url\":\"https://support.apple.com/en-us/122404\",\"source\":\"product-security@apple.com\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/en-us/122716\",\"source\":\"product-security@apple.com\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/en-us/122719\",\"source\":\"product-security@apple.com\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/en-us/122720\",\"source\":\"product-security@apple.com\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/en-us/122721\",\"source\":\"product-security@apple.com\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/en-us/122722\",\"source\":\"product-security@apple.com\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2025/May/11\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://seclists.org/fulldisclosure/2025/May/12\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://seclists.org/fulldisclosure/2025/May/13\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://seclists.org/fulldisclosure/2025/May/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://seclists.org/fulldisclosure/2025/May/7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/06/msg00016.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-032379.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://lists.debian.org/debian-lts-announce/2025/06/msg00016.html\"}, {\"url\": \"http://seclists.org/fulldisclosure/2025/May/13\"}, {\"url\": \"http://seclists.org/fulldisclosure/2025/May/12\"}, {\"url\": \"http://seclists.org/fulldisclosure/2025/May/11\"}, {\"url\": \"http://seclists.org/fulldisclosure/2025/May/7\"}, {\"url\": \"http://seclists.org/fulldisclosure/2025/May/5\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-03T19:52:32.999Z\"}}, {\"affected\": [{\"vendor\": \"Siemens\", \"product\": \"SIMATIC CN 4100\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V5.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"x_adpType\": \"supplier\", \"references\": [{\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-032379.html\"}], \"providerMetadata\": {\"orgId\": \"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\", \"shortName\": \"siemens-SADP\", \"dateUpdated\": \"2026-05-12T12:04:17.048Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 4.7, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:L\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-31257\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-05-13T15:31:38.297730Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-119\", \"description\": \"CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-13T15:32:20.352Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"Apple\", \"product\": \"Safari\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"18.5\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Apple\", \"product\": \"iOS and iPadOS\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"18.5\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Apple\", \"product\": \"macOS\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"15.5\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Apple\", \"product\": \"tvOS\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"18.5\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Apple\", \"product\": \"visionOS\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"2.5\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Apple\", \"product\": \"watchOS\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"11.5\", \"versionType\": \"custom\"}]}], \"references\": [{\"url\": \"https://support.apple.com/en-us/122404\"}, {\"url\": \"https://support.apple.com/en-us/122716\"}, {\"url\": \"https://support.apple.com/en-us/122719\"}, {\"url\": \"https://support.apple.com/en-us/122720\"}, {\"url\": \"https://support.apple.com/en-us/122721\"}, {\"url\": \"https://support.apple.com/en-us/122722\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"This issue was addressed with improved memory handling. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"Processing maliciously crafted web content may lead to an unexpected Safari crash\"}]}], \"providerMetadata\": {\"orgId\": \"286789f9-fbc2-4510-9f9a-43facdede74c\", \"shortName\": \"apple\", \"dateUpdated\": \"2026-04-02T18:25:13.932Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-31257\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-12T12:04:17.048Z\", \"dateReserved\": \"2025-03-27T16:13:58.337Z\", \"assignerOrgId\": \"286789f9-fbc2-4510-9f9a-43facdede74c\", \"datePublished\": \"2025-05-12T21:43:00.387Z\", \"assignerShortName\": \"apple\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
WID-SEC-W-2025-1010
Vulnerability from csaf_certbund - Published: 2025-05-12 22:00 - Updated: 2025-05-15 22:00Summary
Apple Safari: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Safari ist der auf Apple Geräten eingesetzte Web Browser.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Apple Safari ausnutzen, um einen Denial of Service Angriff durchzuführen, Informationen auszuspähen oder potentiell eigenen Code zur Ausführung zu bringen.
Betroffene Betriebssysteme: - Sonstiges
- UNIX
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple Safari <18.5
Apple / Safari
|
<18.5 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple Safari <18.5
Apple / Safari
|
<18.5 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple Safari <18.5
Apple / Safari
|
<18.5 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple Safari <18.5
Apple / Safari
|
<18.5 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple Safari <18.5
Apple / Safari
|
<18.5 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple Safari <18.5
Apple / Safari
|
<18.5 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple Safari <18.5
Apple / Safari
|
<18.5 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple Safari <18.5
Apple / Safari
|
<18.5 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple Safari <18.5
Apple / Safari
|
<18.5 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Apple Safari <18.5
Apple / Safari
|
<18.5 |
References
4 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Safari ist der auf Apple Ger\u00e4ten eingesetzte Web Browser.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Apple Safari ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren, Informationen auszusp\u00e4hen oder potentiell eigenen Code zur Ausf\u00fchrung zu bringen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-1010 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1010.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-1010 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1010"
},
{
"category": "external",
"summary": "APPLE-SA-05-12-2025-9 Safari 18.5 vom 2025-05-12",
"url": "https://lists.apple.com/archives/security-announce/2025/May/msg00008.html"
},
{
"category": "external",
"summary": "Safari 18.5 vom 2025-05-12",
"url": "https://support.apple.com/en-us/122719"
}
],
"source_lang": "en-US",
"title": "Apple Safari: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-05-15T22:00:00.000+00:00",
"generator": {
"date": "2025-05-16T07:45:35.335+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2025-1010",
"initial_release_date": "2025-05-12T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-05-12T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-05-15T22:00:00.000+00:00",
"number": "2",
"summary": "Referenz(en) aufgenommen: EUVD-2025-14780"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c18.5",
"product": {
"name": "Apple Safari \u003c18.5",
"product_id": "T043579"
}
},
{
"category": "product_version",
"name": "18.5",
"product": {
"name": "Apple Safari 18.5",
"product_id": "T043579-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:apple:safari:18.5"
}
}
}
],
"category": "product_name",
"name": "Safari"
}
],
"category": "vendor",
"name": "Apple"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-24213",
"product_status": {
"known_affected": [
"T043579"
]
},
"release_date": "2025-05-12T22:00:00.000+00:00",
"title": "CVE-2025-24213"
},
{
"cve": "CVE-2025-24223",
"product_status": {
"known_affected": [
"T043579"
]
},
"release_date": "2025-05-12T22:00:00.000+00:00",
"title": "CVE-2025-24223"
},
{
"cve": "CVE-2025-31204",
"product_status": {
"known_affected": [
"T043579"
]
},
"release_date": "2025-05-12T22:00:00.000+00:00",
"title": "CVE-2025-31204"
},
{
"cve": "CVE-2025-31205",
"product_status": {
"known_affected": [
"T043579"
]
},
"release_date": "2025-05-12T22:00:00.000+00:00",
"title": "CVE-2025-31205"
},
{
"cve": "CVE-2025-31206",
"product_status": {
"known_affected": [
"T043579"
]
},
"release_date": "2025-05-12T22:00:00.000+00:00",
"title": "CVE-2025-31206"
},
{
"cve": "CVE-2025-31215",
"product_status": {
"known_affected": [
"T043579"
]
},
"release_date": "2025-05-12T22:00:00.000+00:00",
"title": "CVE-2025-31215"
},
{
"cve": "CVE-2025-31217",
"product_status": {
"known_affected": [
"T043579"
]
},
"release_date": "2025-05-12T22:00:00.000+00:00",
"title": "CVE-2025-31217"
},
{
"cve": "CVE-2025-31223",
"product_status": {
"known_affected": [
"T043579"
]
},
"release_date": "2025-05-12T22:00:00.000+00:00",
"title": "CVE-2025-31223"
},
{
"cve": "CVE-2025-31238",
"product_status": {
"known_affected": [
"T043579"
]
},
"release_date": "2025-05-12T22:00:00.000+00:00",
"title": "CVE-2025-31238"
},
{
"cve": "CVE-2025-31257",
"product_status": {
"known_affected": [
"T043579"
]
},
"release_date": "2025-05-12T22:00:00.000+00:00",
"title": "CVE-2025-31257"
}
]
}
WID-SEC-W-2025-1069
Vulnerability from csaf_certbund - Published: 2025-05-14 22:00 - Updated: 2025-07-10 22:00Summary
WebKitGTK: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: WebKitGTK ist ein Webbrowser. Dieser nutzt die WebKit-Engine, die auch von Safari und vielen anderen Apps auf macOS, iOS und Linux verwendet wird.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in WebKitGTK ausnutzen, um beliebigen Programmcode auszuführen, einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen preiszugeben und weitere nicht spezifizierte Angriffe durchzuführen.
Betroffene Betriebssysteme: - Linux
- Sonstiges
- UNIX
Affected products
Known affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source WebKitGTK <2.48.2
Open Source / WebKitGTK
|
<2.48.2 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Open Source Arch Linux
Open Source
|
cpe:/o:archlinux:archlinux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Open Source WebKitGTK <2.42.0
Open Source / WebKitGTK
|
<2.42.0 |
Affected products
Known affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source WebKitGTK <2.48.2
Open Source / WebKitGTK
|
<2.48.2 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Open Source Arch Linux
Open Source
|
cpe:/o:archlinux:archlinux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Open Source WebKitGTK <2.42.0
Open Source / WebKitGTK
|
<2.42.0 |
Affected products
Known affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source WebKitGTK <2.48.2
Open Source / WebKitGTK
|
<2.48.2 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Open Source Arch Linux
Open Source
|
cpe:/o:archlinux:archlinux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Open Source WebKitGTK <2.42.0
Open Source / WebKitGTK
|
<2.42.0 |
Affected products
Known affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source WebKitGTK <2.48.2
Open Source / WebKitGTK
|
<2.48.2 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Open Source Arch Linux
Open Source
|
cpe:/o:archlinux:archlinux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Open Source WebKitGTK <2.42.0
Open Source / WebKitGTK
|
<2.42.0 |
Affected products
Known affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source WebKitGTK <2.48.2
Open Source / WebKitGTK
|
<2.48.2 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Open Source Arch Linux
Open Source
|
cpe:/o:archlinux:archlinux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Open Source WebKitGTK <2.42.0
Open Source / WebKitGTK
|
<2.42.0 |
Affected products
Known affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source WebKitGTK <2.48.2
Open Source / WebKitGTK
|
<2.48.2 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Open Source Arch Linux
Open Source
|
cpe:/o:archlinux:archlinux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Open Source WebKitGTK <2.42.0
Open Source / WebKitGTK
|
<2.42.0 |
Affected products
Known affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source WebKitGTK <2.48.2
Open Source / WebKitGTK
|
<2.48.2 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Open Source Arch Linux
Open Source
|
cpe:/o:archlinux:archlinux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Open Source WebKitGTK <2.42.0
Open Source / WebKitGTK
|
<2.42.0 |
Affected products
Known affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source WebKitGTK <2.48.2
Open Source / WebKitGTK
|
<2.48.2 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Open Source Arch Linux
Open Source
|
cpe:/o:archlinux:archlinux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Open Source WebKitGTK <2.42.0
Open Source / WebKitGTK
|
<2.42.0 |
References
30 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "WebKitGTK ist ein Webbrowser. Dieser nutzt die WebKit-Engine, die auch von Safari und vielen anderen Apps auf macOS, iOS und Linux verwendet wird.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in WebKitGTK ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen preiszugeben und weitere nicht spezifizierte Angriffe durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-1069 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1069.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-1069 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1069"
},
{
"category": "external",
"summary": "WebKit Security Advisory vom 2025-05-14",
"url": "https://webkitgtk.org/security/WSA-2025-0004.html"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2025-C40948DE3A vom 2025-05-15",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-c40948de3a"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2025-40AEEBE6D2 vom 2025-05-15",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-40aeebe6d2"
},
{
"category": "external",
"summary": "Arch Linux Security Advisory ASA-202505-3 vom 2025-05-18",
"url": "https://security.archlinux.org/ASA-202505-3"
},
{
"category": "external",
"summary": "Arch Linux Security Advisory ASA-202505-4 vom 2025-05-18",
"url": "https://security.archlinux.org/ASA-202505-4"
},
{
"category": "external",
"summary": "Arch Linux Security Advisory ASA-202505-5 vom 2025-05-18",
"url": "https://security.archlinux.org/ASA-202505-5"
},
{
"category": "external",
"summary": "Arch Linux Security Advisory ASA-202505-2 vom 2025-05-18",
"url": "https://security.archlinux.org/ASA-202505-2"
},
{
"category": "external",
"summary": "Arch Linux Security Advisory ASA-202505-2 vom 2025-05-18",
"url": "https://security.archlinux.org/ASA-202505-2/generate"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:7995 vom 2025-05-19",
"url": "https://access.redhat.com/errata/RHSA-2025:7995"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8046 vom 2025-05-20",
"url": "https://access.redhat.com/errata/RHSA-2025:8046"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-8046 vom 2025-05-21",
"url": "https://linux.oracle.com/errata/ELSA-2025-8046.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-7995 vom 2025-05-23",
"url": "https://linux.oracle.com/errata/ELSA-2025-7995.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01720-1 vom 2025-05-28",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020915.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01746-1 vom 2025-05-29",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/4XOWWSKXSOSMFLT4REGV5ZOMGZEVSF2B/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01724-1 vom 2025-05-28",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/46G2Y6HALL2ZNS5I5OOXHDSXMUL5G5QJ/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8533 vom 2025-06-04",
"url": "https://access.redhat.com/errata/RHSA-2025:8533"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8534 vom 2025-06-04",
"url": "https://access.redhat.com/errata/RHSA-2025:8534"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8530 vom 2025-06-04",
"url": "https://access.redhat.com/errata/RHSA-2025:8530"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8531 vom 2025-06-04",
"url": "https://access.redhat.com/errata/RHSA-2025:8531"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8541 vom 2025-06-04",
"url": "https://access.redhat.com/errata/RHSA-2025:8541"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8532 vom 2025-06-04",
"url": "https://access.redhat.com/errata/RHSA-2025:8532"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8600 vom 2025-06-05",
"url": "https://access.redhat.com/errata/RHSA-2025:8600"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5937 vom 2025-06-06",
"url": "https://lists.debian.org/debian-security-announce/2025/msg00101.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7566-1 vom 2025-06-12",
"url": "https://ubuntu.com/security/notices/USN-7566-1"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4218 vom 2025-06-16",
"url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00016.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02033-1 vom 2025-06-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021607.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10364 vom 2025-07-07",
"url": "https://access.redhat.com/errata/RHSA-2025:10364"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2025-2925 vom 2025-07-10",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-2925.html"
}
],
"source_lang": "en-US",
"title": "WebKitGTK: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-07-10T22:00:00.000+00:00",
"generator": {
"date": "2025-07-11T08:29:47.820+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-1069",
"initial_release_date": "2025-05-14T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-05-14T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-05-15T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2025-05-18T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Arch Linux aufgenommen"
},
{
"date": "2025-05-19T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-05-20T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-05-21T22:00:00.000+00:00",
"number": "6",
"summary": "Produktzuordnung \u00fcberarbeitet"
},
{
"date": "2025-05-22T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-05-29T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-04T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-06-05T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-06-11T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-06-16T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2025-06-22T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-07-06T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-07-10T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Amazon aufgenommen"
}
],
"status": "final",
"version": "15"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source Arch Linux",
"product": {
"name": "Open Source Arch Linux",
"product_id": "T013312",
"product_identification_helper": {
"cpe": "cpe:/o:archlinux:archlinux:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2.42.0",
"product": {
"name": "Open Source WebKitGTK \u003c2.42.0",
"product_id": "T044047"
}
},
{
"category": "product_version",
"name": "2.42.0",
"product": {
"name": "Open Source WebKitGTK 2.42.0",
"product_id": "T044047-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:webkitgtk:webkitgtk:2.42.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c2.48.2",
"product": {
"name": "Open Source WebKitGTK \u003c2.48.2",
"product_id": "T044048"
}
},
{
"category": "product_version",
"name": "2.48.2",
"product": {
"name": "Open Source WebKitGTK 2.48.2",
"product_id": "T044048-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:webkitgtk:webkitgtk:2.48.2"
}
}
}
],
"category": "product_name",
"name": "WebKitGTK"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-42875",
"product_status": {
"known_affected": [
"T044048",
"2951",
"T002207",
"67646",
"T000126",
"T013312",
"398363",
"T004914",
"74185",
"T044047"
]
},
"release_date": "2025-05-14T22:00:00.000+00:00",
"title": "CVE-2023-42875"
},
{
"cve": "CVE-2023-42970",
"product_status": {
"known_affected": [
"T044048",
"2951",
"T002207",
"67646",
"T000126",
"T013312",
"398363",
"T004914",
"74185",
"T044047"
]
},
"release_date": "2025-05-14T22:00:00.000+00:00",
"title": "CVE-2023-42970"
},
{
"cve": "CVE-2025-24223",
"product_status": {
"known_affected": [
"T044048",
"2951",
"T002207",
"67646",
"T000126",
"T013312",
"398363",
"T004914",
"74185",
"T044047"
]
},
"release_date": "2025-05-14T22:00:00.000+00:00",
"title": "CVE-2025-24223"
},
{
"cve": "CVE-2025-31204",
"product_status": {
"known_affected": [
"T044048",
"2951",
"T002207",
"67646",
"T000126",
"T013312",
"398363",
"T004914",
"74185",
"T044047"
]
},
"release_date": "2025-05-14T22:00:00.000+00:00",
"title": "CVE-2025-31204"
},
{
"cve": "CVE-2025-31205",
"product_status": {
"known_affected": [
"T044048",
"2951",
"T002207",
"67646",
"T000126",
"T013312",
"398363",
"T004914",
"74185",
"T044047"
]
},
"release_date": "2025-05-14T22:00:00.000+00:00",
"title": "CVE-2025-31205"
},
{
"cve": "CVE-2025-31206",
"product_status": {
"known_affected": [
"T044048",
"2951",
"T002207",
"67646",
"T000126",
"T013312",
"398363",
"T004914",
"74185",
"T044047"
]
},
"release_date": "2025-05-14T22:00:00.000+00:00",
"title": "CVE-2025-31206"
},
{
"cve": "CVE-2025-31215",
"product_status": {
"known_affected": [
"T044048",
"2951",
"T002207",
"67646",
"T000126",
"T013312",
"398363",
"T004914",
"74185",
"T044047"
]
},
"release_date": "2025-05-14T22:00:00.000+00:00",
"title": "CVE-2025-31215"
},
{
"cve": "CVE-2025-31257",
"product_status": {
"known_affected": [
"T044048",
"2951",
"T002207",
"67646",
"T000126",
"T013312",
"398363",
"T004914",
"74185",
"T044047"
]
},
"release_date": "2025-05-14T22:00:00.000+00:00",
"title": "CVE-2025-31257"
}
]
}
WID-SEC-W-2025-2365
Vulnerability from csaf_certbund - Published: 2025-10-21 22:00 - Updated: 2026-03-08 23:00Summary
Oracle Java SE: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Die Java Platform, Standard Edition (SE) ist eine Sammlung von Java-APIs (JDK) und der Java Laufzeit Umgebung (JRE).
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Java SE ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - Linux
- Sonstiges
- Windows
Affected products
Known affected
80 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Rational Application Developer for WebSphere Software 9.7
IBM / Rational Application Developer for WebSphere Software
|
cpe:/a:ibm:rational_application_developer_for_websphere_software:9.7
|
9.7 | |
|
IBM Integration Bus
IBM
|
cpe:/a:ibm:integration_bus:-
|
— | |
|
IBM Tivoli Monitoring
IBM
|
cpe:/a:ibm:tivoli_monitoring:-
|
— | |
|
IBM Security Verify Access <11.0.2
IBM / Security Verify Access
|
<11.0.2 | ||
|
IBM Rational Application Developer for WebSphere Software 9.6
IBM / Rational Application Developer for WebSphere Software
|
cpe:/a:ibm:rational_application_developer_for_websphere_software:9.6
|
9.6 | |
|
IBM Tivoli Network Manager
IBM
|
cpe:/a:ibm:tivoli_network_manager:ip_edition
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
IBM WebSphere Application Server 8.5
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:8.5
|
8.5 | |
|
IBM WebSphere Application Server 9.0
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:9.0
|
9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Java SE GraalVM for JDK 21.0.8
Oracle / Java SE
|
cpe:/a:oracle:java_se:graalvm_for_jdk_21.0.8
|
GraalVM for JDK 21.0.8 | |
|
Open Source Camunda <7.23.7
Open Source / Camunda
|
<7.23.7 | ||
|
Oracle Java SE 11.0.28
Oracle / Java SE
|
cpe:/a:oracle:java_se:11.0.28
|
11.0.28 | |
|
Open Source Camunda <7.24.1
Open Source / Camunda
|
<7.24.1 | ||
|
IBM Sterling Connect:Direct <1.4.0.5_iFix002
IBM / Sterling Connect:Direct
|
<1.4.0.5_iFix002 | ||
|
Oracle Java SE GraalVM for JDK 17.0.16
Oracle / Java SE
|
cpe:/a:oracle:java_se:graalvm_for_jdk_17.0.16
|
GraalVM for JDK 17.0.16 | |
|
IBM Sterling Connect:Direct <1.4.0.5_iFix001
IBM / Sterling Connect:Direct
|
<1.4.0.5_iFix001 | ||
|
IBM Sterling Connect:Direct
IBM / Sterling Connect:Direct
|
cpe:/a:ibm:sterling_connect%3adirect:-
|
— | |
|
IBM MQ Container <9.4.4.1-r1
IBM / MQ
|
Container <9.4.4.1-r1 | ||
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Oracle Java SE 17.0.16
Oracle / Java SE
|
cpe:/a:oracle:java_se:17.0.16
|
17.0.16 | |
|
Oracle Java SE GraalVM Enterprise Edition 21.3.15
Oracle / Java SE
|
cpe:/a:oracle:java_se:graalvm_enterprise_edition_21.3.15
|
GraalVM Enterprise Edition 21.3.15 | |
|
IBM MQ Operator <v3.2.21
IBM / MQ
|
Operator <v3.2.21 | ||
|
IBM MQ 9.3
IBM / MQ
|
cpe:/a:ibm:mq:9.3
|
9.3 | |
|
Oracle Java SE 21.0.8
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.0.8
|
21.0.8 | |
|
IBM MQ Operator <v3.8.1
IBM / MQ
|
Operator <v3.8.1 | ||
|
IBM Semeru Runtime
IBM
|
cpe:/a:ibm:semeru_runtime:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
IBM Rational Business Developer
IBM
|
cpe:/a:ibm:rational_business_developer:-
|
— | |
|
Oracle Java SE 8u461-perf
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u461-perf
|
8u461-perf | |
|
IBM Rational Software Architect 10.0
IBM / Rational Software Architect
|
cpe:/a:ibm:rational_software_architect:10.0
|
10 | |
|
Oracle Java SE 8u461
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u461
|
8u461 | |
|
IBM Rational Software Architect 9.7
IBM / Rational Software Architect
|
cpe:/a:ibm:rational_software_architect:9.7
|
9.7 | |
|
RealObjects PDFreactor <12.4
RealObjects / PDFreactor
|
<12.4 | ||
|
IBM Sterling Connect:Direct <6.3.0.16
IBM / Sterling Connect:Direct
|
<6.3.0.16 | ||
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— | |
|
Oracle Java SE 8u461-b50
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u461-b50
|
8u461-b50 | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— | |
|
IBM TXSeries multiplatforms
IBM / TXSeries
|
cpe:/a:ibm:txseries:multiplatforms
|
multiplatforms | |
|
IBM SPSS
IBM
|
cpe:/a:ibm:spss:collaboration_and_deployment_services
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IBM InfoSphere Information Server 11.7
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:11.7
|
11.7 | |
|
IBM Business Automation Workflow
IBM / Business Automation Workflow
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
IBM DataPower Gateway <10.6.0.8
IBM / DataPower Gateway
|
<10.6.0.8 | ||
|
IBM DataPower Gateway <10.5.0.20
IBM / DataPower Gateway
|
<10.5.0.20 | ||
|
IBM Tivoli Netcool/OMNIbus
IBM / Tivoli Netcool/OMNIbus
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:-
|
— | |
|
IBM Tivoli Key Lifecycle Manager
IBM
|
cpe:/a:ibm:tivoli_key_lifecycle_manager:-
|
— | |
|
Dell NetWorker Runtime Environment <8.0.27
Dell / NetWorker
|
Runtime Environment <8.0.27 | ||
|
IBM Security Verify Access <v10.0.9.1
IBM / Security Verify Access
|
<v10.0.9.1 | ||
|
IBM Java <8.0.8.55
IBM / Java
|
<8.0.8.55 | ||
|
Dell NetWorker Runtime Environment <17.0.3
Dell / NetWorker
|
Runtime Environment <17.0.3 | ||
|
IBM DB2 Query Management Facility
IBM / DB2
|
cpe:/a:ibm:db2:query_management_facility
|
Query Management Facility | |
|
IBM Java <7.1.5.28
IBM / Java
|
<7.1.5.28 | ||
|
IBM WebSphere Application Server liberty
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:liberty
|
liberty | |
|
Dell NetWorker NRE <17.0.4
Dell / NetWorker
|
NRE <17.0.4 | ||
|
Amazon Corretto <11.0.29.7.1
Amazon / Corretto
|
<11.0.29.7.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Corretto <8.472.08.1
Amazon / Corretto
|
<8.472.08.1 | ||
|
IBM MQ 9.4
IBM / MQ
|
cpe:/a:ibm:mq:9.4
|
9.4 | |
|
Hitachi Configuration Manager
Hitachi
|
cpe:/a:hitachi:configuration_manager:-
|
— | |
|
IBM DataPower Gateway <10.6.6.0
IBM / DataPower Gateway
|
<10.6.6.0 | ||
|
IBM Business Automation Workflow
IBM / Business Automation Workflow
|
cpe:/a:ibm:business_automation_workflow:containers
|
— | |
|
IBM License Metric Tool <9.2.42
IBM / License Metric Tool
|
<9.2.42 | ||
|
Hitachi Command Suite
Hitachi
|
cpe:/a:hitachi:command_suite:-
|
— | |
|
IBM Sterling Connect:Direct <6.4.0.5
IBM / Sterling Connect:Direct
|
<6.4.0.5 | ||
|
IBM MQ 9.1
IBM / MQ
|
cpe:/a:ibm:mq:9.1
|
9.1 | |
|
IBM MQ 9.2
IBM / MQ
|
cpe:/a:ibm:mq:9.2
|
9.2 | |
|
Dell NetWorker NRE <8.0.28
Dell / NetWorker
|
NRE <8.0.28 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
IBM Tivoli Netcool/OMNIbus 8.1.0
IBM / Tivoli Netcool/OMNIbus
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0
|
8.1.0 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Open Source OpenJDK
Open Source
|
cpe:/a:oracle:openjdk:-
|
— | |
|
IBM Rational Software Architect 9.6
IBM / Rational Software Architect
|
cpe:/a:ibm:rational_software_architect:9.6
|
9.6 | |
|
Open Source Camunda <7.22.10
Open Source / Camunda
|
<7.22.10 | ||
|
IBM Rational Application Developer for WebSphere Software 10.0
IBM / Rational Application Developer for WebSphere Software
|
cpe:/a:ibm:rational_application_developer_for_websphere_software:10.0
|
10 | |
|
IBM DB2 Query Management Facility for z/OS
IBM / DB2
|
cpe:/a:ibm:db2:query_management_facility_for_zos
|
Query Management Facility for z/OS |
Affected products
Known affected
80 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Rational Application Developer for WebSphere Software 9.7
IBM / Rational Application Developer for WebSphere Software
|
cpe:/a:ibm:rational_application_developer_for_websphere_software:9.7
|
9.7 | |
|
IBM Integration Bus
IBM
|
cpe:/a:ibm:integration_bus:-
|
— | |
|
IBM Tivoli Monitoring
IBM
|
cpe:/a:ibm:tivoli_monitoring:-
|
— | |
|
IBM Security Verify Access <11.0.2
IBM / Security Verify Access
|
<11.0.2 | ||
|
IBM Rational Application Developer for WebSphere Software 9.6
IBM / Rational Application Developer for WebSphere Software
|
cpe:/a:ibm:rational_application_developer_for_websphere_software:9.6
|
9.6 | |
|
IBM Tivoli Network Manager
IBM
|
cpe:/a:ibm:tivoli_network_manager:ip_edition
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
IBM WebSphere Application Server 8.5
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:8.5
|
8.5 | |
|
IBM WebSphere Application Server 9.0
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:9.0
|
9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Java SE GraalVM for JDK 21.0.8
Oracle / Java SE
|
cpe:/a:oracle:java_se:graalvm_for_jdk_21.0.8
|
GraalVM for JDK 21.0.8 | |
|
Open Source Camunda <7.23.7
Open Source / Camunda
|
<7.23.7 | ||
|
Oracle Java SE 11.0.28
Oracle / Java SE
|
cpe:/a:oracle:java_se:11.0.28
|
11.0.28 | |
|
Open Source Camunda <7.24.1
Open Source / Camunda
|
<7.24.1 | ||
|
IBM Sterling Connect:Direct <1.4.0.5_iFix002
IBM / Sterling Connect:Direct
|
<1.4.0.5_iFix002 | ||
|
Oracle Java SE GraalVM for JDK 17.0.16
Oracle / Java SE
|
cpe:/a:oracle:java_se:graalvm_for_jdk_17.0.16
|
GraalVM for JDK 17.0.16 | |
|
IBM Sterling Connect:Direct <1.4.0.5_iFix001
IBM / Sterling Connect:Direct
|
<1.4.0.5_iFix001 | ||
|
IBM Sterling Connect:Direct
IBM / Sterling Connect:Direct
|
cpe:/a:ibm:sterling_connect%3adirect:-
|
— | |
|
IBM MQ Container <9.4.4.1-r1
IBM / MQ
|
Container <9.4.4.1-r1 | ||
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Oracle Java SE 17.0.16
Oracle / Java SE
|
cpe:/a:oracle:java_se:17.0.16
|
17.0.16 | |
|
Oracle Java SE GraalVM Enterprise Edition 21.3.15
Oracle / Java SE
|
cpe:/a:oracle:java_se:graalvm_enterprise_edition_21.3.15
|
GraalVM Enterprise Edition 21.3.15 | |
|
IBM MQ Operator <v3.2.21
IBM / MQ
|
Operator <v3.2.21 | ||
|
IBM MQ 9.3
IBM / MQ
|
cpe:/a:ibm:mq:9.3
|
9.3 | |
|
Oracle Java SE 21.0.8
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.0.8
|
21.0.8 | |
|
IBM MQ Operator <v3.8.1
IBM / MQ
|
Operator <v3.8.1 | ||
|
IBM Semeru Runtime
IBM
|
cpe:/a:ibm:semeru_runtime:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
IBM Rational Business Developer
IBM
|
cpe:/a:ibm:rational_business_developer:-
|
— | |
|
Oracle Java SE 8u461-perf
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u461-perf
|
8u461-perf | |
|
IBM Rational Software Architect 10.0
IBM / Rational Software Architect
|
cpe:/a:ibm:rational_software_architect:10.0
|
10 | |
|
Oracle Java SE 8u461
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u461
|
8u461 | |
|
IBM Rational Software Architect 9.7
IBM / Rational Software Architect
|
cpe:/a:ibm:rational_software_architect:9.7
|
9.7 | |
|
RealObjects PDFreactor <12.4
RealObjects / PDFreactor
|
<12.4 | ||
|
IBM Sterling Connect:Direct <6.3.0.16
IBM / Sterling Connect:Direct
|
<6.3.0.16 | ||
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— | |
|
Oracle Java SE 8u461-b50
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u461-b50
|
8u461-b50 | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— | |
|
IBM TXSeries multiplatforms
IBM / TXSeries
|
cpe:/a:ibm:txseries:multiplatforms
|
multiplatforms | |
|
IBM SPSS
IBM
|
cpe:/a:ibm:spss:collaboration_and_deployment_services
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IBM InfoSphere Information Server 11.7
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:11.7
|
11.7 | |
|
IBM Business Automation Workflow
IBM / Business Automation Workflow
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
IBM DataPower Gateway <10.6.0.8
IBM / DataPower Gateway
|
<10.6.0.8 | ||
|
IBM DataPower Gateway <10.5.0.20
IBM / DataPower Gateway
|
<10.5.0.20 | ||
|
IBM Tivoli Netcool/OMNIbus
IBM / Tivoli Netcool/OMNIbus
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:-
|
— | |
|
IBM Tivoli Key Lifecycle Manager
IBM
|
cpe:/a:ibm:tivoli_key_lifecycle_manager:-
|
— | |
|
Dell NetWorker Runtime Environment <8.0.27
Dell / NetWorker
|
Runtime Environment <8.0.27 | ||
|
IBM Security Verify Access <v10.0.9.1
IBM / Security Verify Access
|
<v10.0.9.1 | ||
|
IBM Java <8.0.8.55
IBM / Java
|
<8.0.8.55 | ||
|
Dell NetWorker Runtime Environment <17.0.3
Dell / NetWorker
|
Runtime Environment <17.0.3 | ||
|
IBM DB2 Query Management Facility
IBM / DB2
|
cpe:/a:ibm:db2:query_management_facility
|
Query Management Facility | |
|
IBM Java <7.1.5.28
IBM / Java
|
<7.1.5.28 | ||
|
IBM WebSphere Application Server liberty
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:liberty
|
liberty | |
|
Dell NetWorker NRE <17.0.4
Dell / NetWorker
|
NRE <17.0.4 | ||
|
Amazon Corretto <11.0.29.7.1
Amazon / Corretto
|
<11.0.29.7.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Corretto <8.472.08.1
Amazon / Corretto
|
<8.472.08.1 | ||
|
IBM MQ 9.4
IBM / MQ
|
cpe:/a:ibm:mq:9.4
|
9.4 | |
|
Hitachi Configuration Manager
Hitachi
|
cpe:/a:hitachi:configuration_manager:-
|
— | |
|
IBM DataPower Gateway <10.6.6.0
IBM / DataPower Gateway
|
<10.6.6.0 | ||
|
IBM Business Automation Workflow
IBM / Business Automation Workflow
|
cpe:/a:ibm:business_automation_workflow:containers
|
— | |
|
IBM License Metric Tool <9.2.42
IBM / License Metric Tool
|
<9.2.42 | ||
|
Hitachi Command Suite
Hitachi
|
cpe:/a:hitachi:command_suite:-
|
— | |
|
IBM Sterling Connect:Direct <6.4.0.5
IBM / Sterling Connect:Direct
|
<6.4.0.5 | ||
|
IBM MQ 9.1
IBM / MQ
|
cpe:/a:ibm:mq:9.1
|
9.1 | |
|
IBM MQ 9.2
IBM / MQ
|
cpe:/a:ibm:mq:9.2
|
9.2 | |
|
Dell NetWorker NRE <8.0.28
Dell / NetWorker
|
NRE <8.0.28 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
IBM Tivoli Netcool/OMNIbus 8.1.0
IBM / Tivoli Netcool/OMNIbus
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0
|
8.1.0 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Open Source OpenJDK
Open Source
|
cpe:/a:oracle:openjdk:-
|
— | |
|
IBM Rational Software Architect 9.6
IBM / Rational Software Architect
|
cpe:/a:ibm:rational_software_architect:9.6
|
9.6 | |
|
Open Source Camunda <7.22.10
Open Source / Camunda
|
<7.22.10 | ||
|
IBM Rational Application Developer for WebSphere Software 10.0
IBM / Rational Application Developer for WebSphere Software
|
cpe:/a:ibm:rational_application_developer_for_websphere_software:10.0
|
10 | |
|
IBM DB2 Query Management Facility for z/OS
IBM / DB2
|
cpe:/a:ibm:db2:query_management_facility_for_zos
|
Query Management Facility for z/OS |
Affected products
Known affected
80 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Rational Application Developer for WebSphere Software 9.7
IBM / Rational Application Developer for WebSphere Software
|
cpe:/a:ibm:rational_application_developer_for_websphere_software:9.7
|
9.7 | |
|
IBM Integration Bus
IBM
|
cpe:/a:ibm:integration_bus:-
|
— | |
|
IBM Tivoli Monitoring
IBM
|
cpe:/a:ibm:tivoli_monitoring:-
|
— | |
|
IBM Security Verify Access <11.0.2
IBM / Security Verify Access
|
<11.0.2 | ||
|
IBM Rational Application Developer for WebSphere Software 9.6
IBM / Rational Application Developer for WebSphere Software
|
cpe:/a:ibm:rational_application_developer_for_websphere_software:9.6
|
9.6 | |
|
IBM Tivoli Network Manager
IBM
|
cpe:/a:ibm:tivoli_network_manager:ip_edition
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
IBM WebSphere Application Server 8.5
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:8.5
|
8.5 | |
|
IBM WebSphere Application Server 9.0
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:9.0
|
9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Java SE GraalVM for JDK 21.0.8
Oracle / Java SE
|
cpe:/a:oracle:java_se:graalvm_for_jdk_21.0.8
|
GraalVM for JDK 21.0.8 | |
|
Open Source Camunda <7.23.7
Open Source / Camunda
|
<7.23.7 | ||
|
Oracle Java SE 11.0.28
Oracle / Java SE
|
cpe:/a:oracle:java_se:11.0.28
|
11.0.28 | |
|
Open Source Camunda <7.24.1
Open Source / Camunda
|
<7.24.1 | ||
|
IBM Sterling Connect:Direct <1.4.0.5_iFix002
IBM / Sterling Connect:Direct
|
<1.4.0.5_iFix002 | ||
|
Oracle Java SE GraalVM for JDK 17.0.16
Oracle / Java SE
|
cpe:/a:oracle:java_se:graalvm_for_jdk_17.0.16
|
GraalVM for JDK 17.0.16 | |
|
IBM Sterling Connect:Direct <1.4.0.5_iFix001
IBM / Sterling Connect:Direct
|
<1.4.0.5_iFix001 | ||
|
IBM Sterling Connect:Direct
IBM / Sterling Connect:Direct
|
cpe:/a:ibm:sterling_connect%3adirect:-
|
— | |
|
IBM MQ Container <9.4.4.1-r1
IBM / MQ
|
Container <9.4.4.1-r1 | ||
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Oracle Java SE 17.0.16
Oracle / Java SE
|
cpe:/a:oracle:java_se:17.0.16
|
17.0.16 | |
|
Oracle Java SE GraalVM Enterprise Edition 21.3.15
Oracle / Java SE
|
cpe:/a:oracle:java_se:graalvm_enterprise_edition_21.3.15
|
GraalVM Enterprise Edition 21.3.15 | |
|
IBM MQ Operator <v3.2.21
IBM / MQ
|
Operator <v3.2.21 | ||
|
IBM MQ 9.3
IBM / MQ
|
cpe:/a:ibm:mq:9.3
|
9.3 | |
|
Oracle Java SE 21.0.8
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.0.8
|
21.0.8 | |
|
IBM MQ Operator <v3.8.1
IBM / MQ
|
Operator <v3.8.1 | ||
|
IBM Semeru Runtime
IBM
|
cpe:/a:ibm:semeru_runtime:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
IBM Rational Business Developer
IBM
|
cpe:/a:ibm:rational_business_developer:-
|
— | |
|
Oracle Java SE 8u461-perf
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u461-perf
|
8u461-perf | |
|
IBM Rational Software Architect 10.0
IBM / Rational Software Architect
|
cpe:/a:ibm:rational_software_architect:10.0
|
10 | |
|
Oracle Java SE 8u461
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u461
|
8u461 | |
|
IBM Rational Software Architect 9.7
IBM / Rational Software Architect
|
cpe:/a:ibm:rational_software_architect:9.7
|
9.7 | |
|
RealObjects PDFreactor <12.4
RealObjects / PDFreactor
|
<12.4 | ||
|
IBM Sterling Connect:Direct <6.3.0.16
IBM / Sterling Connect:Direct
|
<6.3.0.16 | ||
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— | |
|
Oracle Java SE 8u461-b50
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u461-b50
|
8u461-b50 | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— | |
|
IBM TXSeries multiplatforms
IBM / TXSeries
|
cpe:/a:ibm:txseries:multiplatforms
|
multiplatforms | |
|
IBM SPSS
IBM
|
cpe:/a:ibm:spss:collaboration_and_deployment_services
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IBM InfoSphere Information Server 11.7
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:11.7
|
11.7 | |
|
IBM Business Automation Workflow
IBM / Business Automation Workflow
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
IBM DataPower Gateway <10.6.0.8
IBM / DataPower Gateway
|
<10.6.0.8 | ||
|
IBM DataPower Gateway <10.5.0.20
IBM / DataPower Gateway
|
<10.5.0.20 | ||
|
IBM Tivoli Netcool/OMNIbus
IBM / Tivoli Netcool/OMNIbus
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:-
|
— | |
|
IBM Tivoli Key Lifecycle Manager
IBM
|
cpe:/a:ibm:tivoli_key_lifecycle_manager:-
|
— | |
|
Dell NetWorker Runtime Environment <8.0.27
Dell / NetWorker
|
Runtime Environment <8.0.27 | ||
|
IBM Security Verify Access <v10.0.9.1
IBM / Security Verify Access
|
<v10.0.9.1 | ||
|
IBM Java <8.0.8.55
IBM / Java
|
<8.0.8.55 | ||
|
Dell NetWorker Runtime Environment <17.0.3
Dell / NetWorker
|
Runtime Environment <17.0.3 | ||
|
IBM DB2 Query Management Facility
IBM / DB2
|
cpe:/a:ibm:db2:query_management_facility
|
Query Management Facility | |
|
IBM Java <7.1.5.28
IBM / Java
|
<7.1.5.28 | ||
|
IBM WebSphere Application Server liberty
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:liberty
|
liberty | |
|
Dell NetWorker NRE <17.0.4
Dell / NetWorker
|
NRE <17.0.4 | ||
|
Amazon Corretto <11.0.29.7.1
Amazon / Corretto
|
<11.0.29.7.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Corretto <8.472.08.1
Amazon / Corretto
|
<8.472.08.1 | ||
|
IBM MQ 9.4
IBM / MQ
|
cpe:/a:ibm:mq:9.4
|
9.4 | |
|
Hitachi Configuration Manager
Hitachi
|
cpe:/a:hitachi:configuration_manager:-
|
— | |
|
IBM DataPower Gateway <10.6.6.0
IBM / DataPower Gateway
|
<10.6.6.0 | ||
|
IBM Business Automation Workflow
IBM / Business Automation Workflow
|
cpe:/a:ibm:business_automation_workflow:containers
|
— | |
|
IBM License Metric Tool <9.2.42
IBM / License Metric Tool
|
<9.2.42 | ||
|
Hitachi Command Suite
Hitachi
|
cpe:/a:hitachi:command_suite:-
|
— | |
|
IBM Sterling Connect:Direct <6.4.0.5
IBM / Sterling Connect:Direct
|
<6.4.0.5 | ||
|
IBM MQ 9.1
IBM / MQ
|
cpe:/a:ibm:mq:9.1
|
9.1 | |
|
IBM MQ 9.2
IBM / MQ
|
cpe:/a:ibm:mq:9.2
|
9.2 | |
|
Dell NetWorker NRE <8.0.28
Dell / NetWorker
|
NRE <8.0.28 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
IBM Tivoli Netcool/OMNIbus 8.1.0
IBM / Tivoli Netcool/OMNIbus
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0
|
8.1.0 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Open Source OpenJDK
Open Source
|
cpe:/a:oracle:openjdk:-
|
— | |
|
IBM Rational Software Architect 9.6
IBM / Rational Software Architect
|
cpe:/a:ibm:rational_software_architect:9.6
|
9.6 | |
|
Open Source Camunda <7.22.10
Open Source / Camunda
|
<7.22.10 | ||
|
IBM Rational Application Developer for WebSphere Software 10.0
IBM / Rational Application Developer for WebSphere Software
|
cpe:/a:ibm:rational_application_developer_for_websphere_software:10.0
|
10 | |
|
IBM DB2 Query Management Facility for z/OS
IBM / DB2
|
cpe:/a:ibm:db2:query_management_facility_for_zos
|
Query Management Facility for z/OS |
Affected products
Known affected
80 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Rational Application Developer for WebSphere Software 9.7
IBM / Rational Application Developer for WebSphere Software
|
cpe:/a:ibm:rational_application_developer_for_websphere_software:9.7
|
9.7 | |
|
IBM Integration Bus
IBM
|
cpe:/a:ibm:integration_bus:-
|
— | |
|
IBM Tivoli Monitoring
IBM
|
cpe:/a:ibm:tivoli_monitoring:-
|
— | |
|
IBM Security Verify Access <11.0.2
IBM / Security Verify Access
|
<11.0.2 | ||
|
IBM Rational Application Developer for WebSphere Software 9.6
IBM / Rational Application Developer for WebSphere Software
|
cpe:/a:ibm:rational_application_developer_for_websphere_software:9.6
|
9.6 | |
|
IBM Tivoli Network Manager
IBM
|
cpe:/a:ibm:tivoli_network_manager:ip_edition
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
IBM WebSphere Application Server 8.5
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:8.5
|
8.5 | |
|
IBM WebSphere Application Server 9.0
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:9.0
|
9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Java SE GraalVM for JDK 21.0.8
Oracle / Java SE
|
cpe:/a:oracle:java_se:graalvm_for_jdk_21.0.8
|
GraalVM for JDK 21.0.8 | |
|
Open Source Camunda <7.23.7
Open Source / Camunda
|
<7.23.7 | ||
|
Oracle Java SE 11.0.28
Oracle / Java SE
|
cpe:/a:oracle:java_se:11.0.28
|
11.0.28 | |
|
Open Source Camunda <7.24.1
Open Source / Camunda
|
<7.24.1 | ||
|
IBM Sterling Connect:Direct <1.4.0.5_iFix002
IBM / Sterling Connect:Direct
|
<1.4.0.5_iFix002 | ||
|
Oracle Java SE GraalVM for JDK 17.0.16
Oracle / Java SE
|
cpe:/a:oracle:java_se:graalvm_for_jdk_17.0.16
|
GraalVM for JDK 17.0.16 | |
|
IBM Sterling Connect:Direct <1.4.0.5_iFix001
IBM / Sterling Connect:Direct
|
<1.4.0.5_iFix001 | ||
|
IBM Sterling Connect:Direct
IBM / Sterling Connect:Direct
|
cpe:/a:ibm:sterling_connect%3adirect:-
|
— | |
|
IBM MQ Container <9.4.4.1-r1
IBM / MQ
|
Container <9.4.4.1-r1 | ||
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Oracle Java SE 17.0.16
Oracle / Java SE
|
cpe:/a:oracle:java_se:17.0.16
|
17.0.16 | |
|
Oracle Java SE GraalVM Enterprise Edition 21.3.15
Oracle / Java SE
|
cpe:/a:oracle:java_se:graalvm_enterprise_edition_21.3.15
|
GraalVM Enterprise Edition 21.3.15 | |
|
IBM MQ Operator <v3.2.21
IBM / MQ
|
Operator <v3.2.21 | ||
|
IBM MQ 9.3
IBM / MQ
|
cpe:/a:ibm:mq:9.3
|
9.3 | |
|
Oracle Java SE 21.0.8
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.0.8
|
21.0.8 | |
|
IBM MQ Operator <v3.8.1
IBM / MQ
|
Operator <v3.8.1 | ||
|
IBM Semeru Runtime
IBM
|
cpe:/a:ibm:semeru_runtime:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
IBM Rational Business Developer
IBM
|
cpe:/a:ibm:rational_business_developer:-
|
— | |
|
Oracle Java SE 8u461-perf
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u461-perf
|
8u461-perf | |
|
IBM Rational Software Architect 10.0
IBM / Rational Software Architect
|
cpe:/a:ibm:rational_software_architect:10.0
|
10 | |
|
Oracle Java SE 8u461
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u461
|
8u461 | |
|
IBM Rational Software Architect 9.7
IBM / Rational Software Architect
|
cpe:/a:ibm:rational_software_architect:9.7
|
9.7 | |
|
RealObjects PDFreactor <12.4
RealObjects / PDFreactor
|
<12.4 | ||
|
IBM Sterling Connect:Direct <6.3.0.16
IBM / Sterling Connect:Direct
|
<6.3.0.16 | ||
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— | |
|
Oracle Java SE 8u461-b50
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u461-b50
|
8u461-b50 | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— | |
|
IBM TXSeries multiplatforms
IBM / TXSeries
|
cpe:/a:ibm:txseries:multiplatforms
|
multiplatforms | |
|
IBM SPSS
IBM
|
cpe:/a:ibm:spss:collaboration_and_deployment_services
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IBM InfoSphere Information Server 11.7
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:11.7
|
11.7 | |
|
IBM Business Automation Workflow
IBM / Business Automation Workflow
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
IBM DataPower Gateway <10.6.0.8
IBM / DataPower Gateway
|
<10.6.0.8 | ||
|
IBM DataPower Gateway <10.5.0.20
IBM / DataPower Gateway
|
<10.5.0.20 | ||
|
IBM Tivoli Netcool/OMNIbus
IBM / Tivoli Netcool/OMNIbus
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:-
|
— | |
|
IBM Tivoli Key Lifecycle Manager
IBM
|
cpe:/a:ibm:tivoli_key_lifecycle_manager:-
|
— | |
|
Dell NetWorker Runtime Environment <8.0.27
Dell / NetWorker
|
Runtime Environment <8.0.27 | ||
|
IBM Security Verify Access <v10.0.9.1
IBM / Security Verify Access
|
<v10.0.9.1 | ||
|
IBM Java <8.0.8.55
IBM / Java
|
<8.0.8.55 | ||
|
Dell NetWorker Runtime Environment <17.0.3
Dell / NetWorker
|
Runtime Environment <17.0.3 | ||
|
IBM DB2 Query Management Facility
IBM / DB2
|
cpe:/a:ibm:db2:query_management_facility
|
Query Management Facility | |
|
IBM Java <7.1.5.28
IBM / Java
|
<7.1.5.28 | ||
|
IBM WebSphere Application Server liberty
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:liberty
|
liberty | |
|
Dell NetWorker NRE <17.0.4
Dell / NetWorker
|
NRE <17.0.4 | ||
|
Amazon Corretto <11.0.29.7.1
Amazon / Corretto
|
<11.0.29.7.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Corretto <8.472.08.1
Amazon / Corretto
|
<8.472.08.1 | ||
|
IBM MQ 9.4
IBM / MQ
|
cpe:/a:ibm:mq:9.4
|
9.4 | |
|
Hitachi Configuration Manager
Hitachi
|
cpe:/a:hitachi:configuration_manager:-
|
— | |
|
IBM DataPower Gateway <10.6.6.0
IBM / DataPower Gateway
|
<10.6.6.0 | ||
|
IBM Business Automation Workflow
IBM / Business Automation Workflow
|
cpe:/a:ibm:business_automation_workflow:containers
|
— | |
|
IBM License Metric Tool <9.2.42
IBM / License Metric Tool
|
<9.2.42 | ||
|
Hitachi Command Suite
Hitachi
|
cpe:/a:hitachi:command_suite:-
|
— | |
|
IBM Sterling Connect:Direct <6.4.0.5
IBM / Sterling Connect:Direct
|
<6.4.0.5 | ||
|
IBM MQ 9.1
IBM / MQ
|
cpe:/a:ibm:mq:9.1
|
9.1 | |
|
IBM MQ 9.2
IBM / MQ
|
cpe:/a:ibm:mq:9.2
|
9.2 | |
|
Dell NetWorker NRE <8.0.28
Dell / NetWorker
|
NRE <8.0.28 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
IBM Tivoli Netcool/OMNIbus 8.1.0
IBM / Tivoli Netcool/OMNIbus
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0
|
8.1.0 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Open Source OpenJDK
Open Source
|
cpe:/a:oracle:openjdk:-
|
— | |
|
IBM Rational Software Architect 9.6
IBM / Rational Software Architect
|
cpe:/a:ibm:rational_software_architect:9.6
|
9.6 | |
|
Open Source Camunda <7.22.10
Open Source / Camunda
|
<7.22.10 | ||
|
IBM Rational Application Developer for WebSphere Software 10.0
IBM / Rational Application Developer for WebSphere Software
|
cpe:/a:ibm:rational_application_developer_for_websphere_software:10.0
|
10 | |
|
IBM DB2 Query Management Facility for z/OS
IBM / DB2
|
cpe:/a:ibm:db2:query_management_facility_for_zos
|
Query Management Facility for z/OS |
Affected products
Known affected
80 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Rational Application Developer for WebSphere Software 9.7
IBM / Rational Application Developer for WebSphere Software
|
cpe:/a:ibm:rational_application_developer_for_websphere_software:9.7
|
9.7 | |
|
IBM Integration Bus
IBM
|
cpe:/a:ibm:integration_bus:-
|
— | |
|
IBM Tivoli Monitoring
IBM
|
cpe:/a:ibm:tivoli_monitoring:-
|
— | |
|
IBM Security Verify Access <11.0.2
IBM / Security Verify Access
|
<11.0.2 | ||
|
IBM Rational Application Developer for WebSphere Software 9.6
IBM / Rational Application Developer for WebSphere Software
|
cpe:/a:ibm:rational_application_developer_for_websphere_software:9.6
|
9.6 | |
|
IBM Tivoli Network Manager
IBM
|
cpe:/a:ibm:tivoli_network_manager:ip_edition
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
IBM WebSphere Application Server 8.5
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:8.5
|
8.5 | |
|
IBM WebSphere Application Server 9.0
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:9.0
|
9 | |
|
Hitachi Ops Center
Hitachi
|
cpe:/a:hitachi:ops_center:-
|
— | |
|
Oracle Java SE GraalVM for JDK 21.0.8
Oracle / Java SE
|
cpe:/a:oracle:java_se:graalvm_for_jdk_21.0.8
|
GraalVM for JDK 21.0.8 | |
|
Open Source Camunda <7.23.7
Open Source / Camunda
|
<7.23.7 | ||
|
Oracle Java SE 11.0.28
Oracle / Java SE
|
cpe:/a:oracle:java_se:11.0.28
|
11.0.28 | |
|
Open Source Camunda <7.24.1
Open Source / Camunda
|
<7.24.1 | ||
|
IBM Sterling Connect:Direct <1.4.0.5_iFix002
IBM / Sterling Connect:Direct
|
<1.4.0.5_iFix002 | ||
|
Oracle Java SE GraalVM for JDK 17.0.16
Oracle / Java SE
|
cpe:/a:oracle:java_se:graalvm_for_jdk_17.0.16
|
GraalVM for JDK 17.0.16 | |
|
IBM Sterling Connect:Direct <1.4.0.5_iFix001
IBM / Sterling Connect:Direct
|
<1.4.0.5_iFix001 | ||
|
IBM Sterling Connect:Direct
IBM / Sterling Connect:Direct
|
cpe:/a:ibm:sterling_connect%3adirect:-
|
— | |
|
IBM MQ Container <9.4.4.1-r1
IBM / MQ
|
Container <9.4.4.1-r1 | ||
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
Oracle Java SE 17.0.16
Oracle / Java SE
|
cpe:/a:oracle:java_se:17.0.16
|
17.0.16 | |
|
Oracle Java SE GraalVM Enterprise Edition 21.3.15
Oracle / Java SE
|
cpe:/a:oracle:java_se:graalvm_enterprise_edition_21.3.15
|
GraalVM Enterprise Edition 21.3.15 | |
|
IBM MQ Operator <v3.2.21
IBM / MQ
|
Operator <v3.2.21 | ||
|
IBM MQ 9.3
IBM / MQ
|
cpe:/a:ibm:mq:9.3
|
9.3 | |
|
Oracle Java SE 21.0.8
Oracle / Java SE
|
cpe:/a:oracle:java_se:21.0.8
|
21.0.8 | |
|
IBM MQ Operator <v3.8.1
IBM / MQ
|
Operator <v3.8.1 | ||
|
IBM Semeru Runtime
IBM
|
cpe:/a:ibm:semeru_runtime:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
IBM Rational Business Developer
IBM
|
cpe:/a:ibm:rational_business_developer:-
|
— | |
|
Oracle Java SE 8u461-perf
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u461-perf
|
8u461-perf | |
|
IBM Rational Software Architect 10.0
IBM / Rational Software Architect
|
cpe:/a:ibm:rational_software_architect:10.0
|
10 | |
|
Oracle Java SE 8u461
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u461
|
8u461 | |
|
IBM Rational Software Architect 9.7
IBM / Rational Software Architect
|
cpe:/a:ibm:rational_software_architect:9.7
|
9.7 | |
|
RealObjects PDFreactor <12.4
RealObjects / PDFreactor
|
<12.4 | ||
|
IBM Sterling Connect:Direct <6.3.0.16
IBM / Sterling Connect:Direct
|
<6.3.0.16 | ||
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— | |
|
Oracle Java SE 8u461-b50
Oracle / Java SE
|
cpe:/a:oracle:java_se:8u461-b50
|
8u461-b50 | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— | |
|
IBM TXSeries multiplatforms
IBM / TXSeries
|
cpe:/a:ibm:txseries:multiplatforms
|
multiplatforms | |
|
IBM SPSS
IBM
|
cpe:/a:ibm:spss:collaboration_and_deployment_services
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IBM InfoSphere Information Server 11.7
IBM / InfoSphere Information Server
|
cpe:/a:ibm:infosphere_information_server:11.7
|
11.7 | |
|
IBM Business Automation Workflow
IBM / Business Automation Workflow
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
IBM DataPower Gateway <10.6.0.8
IBM / DataPower Gateway
|
<10.6.0.8 | ||
|
IBM DataPower Gateway <10.5.0.20
IBM / DataPower Gateway
|
<10.5.0.20 | ||
|
IBM Tivoli Netcool/OMNIbus
IBM / Tivoli Netcool/OMNIbus
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:-
|
— | |
|
IBM Tivoli Key Lifecycle Manager
IBM
|
cpe:/a:ibm:tivoli_key_lifecycle_manager:-
|
— | |
|
Dell NetWorker Runtime Environment <8.0.27
Dell / NetWorker
|
Runtime Environment <8.0.27 | ||
|
IBM Security Verify Access <v10.0.9.1
IBM / Security Verify Access
|
<v10.0.9.1 | ||
|
IBM Java <8.0.8.55
IBM / Java
|
<8.0.8.55 | ||
|
Dell NetWorker Runtime Environment <17.0.3
Dell / NetWorker
|
Runtime Environment <17.0.3 | ||
|
IBM DB2 Query Management Facility
IBM / DB2
|
cpe:/a:ibm:db2:query_management_facility
|
Query Management Facility | |
|
IBM Java <7.1.5.28
IBM / Java
|
<7.1.5.28 | ||
|
IBM WebSphere Application Server liberty
IBM / WebSphere Application Server
|
cpe:/a:ibm:websphere_application_server:liberty
|
liberty | |
|
Dell NetWorker NRE <17.0.4
Dell / NetWorker
|
NRE <17.0.4 | ||
|
Amazon Corretto <11.0.29.7.1
Amazon / Corretto
|
<11.0.29.7.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Corretto <8.472.08.1
Amazon / Corretto
|
<8.472.08.1 | ||
|
IBM MQ 9.4
IBM / MQ
|
cpe:/a:ibm:mq:9.4
|
9.4 | |
|
Hitachi Configuration Manager
Hitachi
|
cpe:/a:hitachi:configuration_manager:-
|
— | |
|
IBM DataPower Gateway <10.6.6.0
IBM / DataPower Gateway
|
<10.6.6.0 | ||
|
IBM Business Automation Workflow
IBM / Business Automation Workflow
|
cpe:/a:ibm:business_automation_workflow:containers
|
— | |
|
IBM License Metric Tool <9.2.42
IBM / License Metric Tool
|
<9.2.42 | ||
|
Hitachi Command Suite
Hitachi
|
cpe:/a:hitachi:command_suite:-
|
— | |
|
IBM Sterling Connect:Direct <6.4.0.5
IBM / Sterling Connect:Direct
|
<6.4.0.5 | ||
|
IBM MQ 9.1
IBM / MQ
|
cpe:/a:ibm:mq:9.1
|
9.1 | |
|
IBM MQ 9.2
IBM / MQ
|
cpe:/a:ibm:mq:9.2
|
9.2 | |
|
Dell NetWorker NRE <8.0.28
Dell / NetWorker
|
NRE <8.0.28 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
IBM Tivoli Netcool/OMNIbus 8.1.0
IBM / Tivoli Netcool/OMNIbus
|
cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0
|
8.1.0 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Open Source OpenJDK
Open Source
|
cpe:/a:oracle:openjdk:-
|
— | |
|
IBM Rational Software Architect 9.6
IBM / Rational Software Architect
|
cpe:/a:ibm:rational_software_architect:9.6
|
9.6 | |
|
Open Source Camunda <7.22.10
Open Source / Camunda
|
<7.22.10 | ||
|
IBM Rational Application Developer for WebSphere Software 10.0
IBM / Rational Application Developer for WebSphere Software
|
cpe:/a:ibm:rational_application_developer_for_websphere_software:10.0
|
10 | |
|
IBM DB2 Query Management Facility for z/OS
IBM / DB2
|
cpe:/a:ibm:db2:query_management_facility_for_zos
|
Query Management Facility for z/OS |
References
114 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Die Java Platform, Standard Edition (SE) ist eine Sammlung von Java-APIs (JDK) und der Java Laufzeit Umgebung (JRE).",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Java SE ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-2365 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2365.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-2365 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2365"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - October 2025 - Appendix Oracle Java SE vom 2025-10-21",
"url": "https://www.oracle.com/security-alerts/cpuoct2025.html#AppendixJAVA"
},
{
"category": "external",
"summary": "Change Log for Amazon Corretto 11",
"url": "https://github.com/corretto/corretto-11/blob/11.0.29.7.1/CHANGELOG.md"
},
{
"category": "external",
"summary": "Change Log for Amazon Corretto 8",
"url": "https://github.com/corretto/corretto-8/blob/8.472.08.1/CHANGELOG.md"
},
{
"category": "external",
"summary": "OpenJDK Vulnerability Advisory vom 2025-10-21",
"url": "https://openjdk.org/groups/vulnerability/advisories/2025-10-21"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:18824 vom 2025-10-22",
"url": "https://access.redhat.com/errata/RHSA-2025:18824"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:18822 vom 2025-10-22",
"url": "https://access.redhat.com/errata/RHSA-2025:18822"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:18823 vom 2025-10-22",
"url": "https://access.redhat.com/errata/RHSA-2025:18823"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:18816 vom 2025-10-22",
"url": "https://access.redhat.com/errata/RHSA-2025:18816"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:18814 vom 2025-10-23",
"url": "https://access.redhat.com/errata/RHSA-2025:18814"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:18825 vom 2025-10-22",
"url": "https://access.redhat.com/errata/RHSA-2025:18825"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:18826 vom 2025-10-22",
"url": "https://access.redhat.com/errata/RHSA-2025:18826"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:18817 vom 2025-10-22",
"url": "https://access.redhat.com/errata/RHSA-2025:18817"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:18821 vom 2025-10-22",
"url": "https://access.redhat.com/errata/RHSA-2025:18821"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:18820 vom 2025-10-23",
"url": "https://access.redhat.com/errata/RHSA-2025:18820"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:18819 vom 2025-10-23",
"url": "https://access.redhat.com/errata/RHSA-2025:18819"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:18818 vom 2025-10-24",
"url": "https://access.redhat.com/errata/RHSA-2025:18818"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:18815 vom 2025-10-23",
"url": "https://access.redhat.com/errata/RHSA-2025:18815"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:15660-1 vom 2025-10-24",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TYBJ677VF7F4ZSMLX3GWAMXWMZMDX6TI/"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4346 vom 2025-10-25",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00026.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4345 vom 2025-10-25",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00025.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-6039 vom 2025-10-26",
"url": "https://lists.debian.org/debian-security-announce/2025/msg00205.html"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:15661-1 vom 2025-10-24",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5UPJO4CYYCTTODVMA4476F3K2Z7WPTBS/"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-6037 vom 2025-10-25",
"url": "https://security-tracker.debian.org/tracker/DSA-6037-1"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-18824 vom 2025-10-24",
"url": "https://linux.oracle.com/errata/ELSA-2025-18824.html"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20251024-0010 vom 2025-10-24",
"url": "https://security.netapp.com/advisory/NTAP-20251024-0010"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-6038 vom 2025-10-25",
"url": "https://lists.debian.org/debian-security-announce/2025/msg00204.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-18821 vom 2025-10-24",
"url": "https://linux.oracle.com/errata/ELSA-2025-18821.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-18815 vom 2025-10-24",
"url": "https://linux.oracle.com/errata/ELSA-2025-18815.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2025-3047 vom 2025-10-27",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-3047.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2025-3048 vom 2025-10-27",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-3048.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2CORRETTO8-2025-021 vom 2025-10-27",
"url": "https://alas.aws.amazon.com/AL2/ALAS2CORRETTO8-2025-021.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3835-1 vom 2025-10-28",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023072.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3859-1 vom 2025-10-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023079.html"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:15674-1 vom 2025-10-29",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/S4MJYY6GI4OEPCONZ5OZF6JPBI67LCPJ/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3859-1 vom 2025-10-29",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VMV65UKEMJ5XZGXBOOCVPAPP6DHKNBG5/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:15693-1 vom 2025-11-01",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VU4T2GSGJ3FSMB2VQKU2AVIH5DSZ4Q7A/"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7249833 vom 2025-10-31",
"url": "https://www.ibm.com/support/pages/node/7249833"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:15690-1 vom 2025-11-01",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/OBTHACNEISJLEVENW6F2UY73GMJFQAPI/"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7249834 vom 2025-10-31",
"url": "https://www.ibm.com/support/pages/node/7249834"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:15694-1 vom 2025-11-01",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/HPNAG4GRUDNAT2AVXYGLMZTAD2X5TWNZ/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:15691-1 vom 2025-11-01",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BPFSP3HIULFUYTXM7EZVSJGRCVQF2ANT/"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7250035 vom 2025-11-03",
"url": "https://www.ibm.com/support/pages/node/7250035"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7250255 vom 2025-11-06",
"url": "https://www.ibm.com/support/pages/node/7250255"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:15701-1 vom 2025-11-05",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NYSZB3IXIAPQGFBTRTYOPOEOZDCFYMRH/"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7250250 vom 2025-11-06",
"url": "https://www.ibm.com/support/pages/node/7250250"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3964-1 vom 2025-11-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023167.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3965-1 vom 2025-11-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023166.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3996-1 vom 2025-11-07",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/U4XBO3CFLQHMPIGKNMQNDBIDRQ6ZRN6U/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3997-1 vom 2025-11-07",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/P6MDCNVOO2ZGEPCYBSDNBOEOJK3N37FG/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4005-1 vom 2025-11-10",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/GRGDIRMJ63CBCCXYFXZ434NAYMNERVTW/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4005-1 vom 2025-11-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023183.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4039-1 vom 2025-11-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023195.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2025-3072 vom 2025-11-11",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-3072.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4038-1 vom 2025-11-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023196.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-18814 vom 2025-11-13",
"url": "https://linux.oracle.com/errata/ELSA-2025-18814.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:21485 vom 2025-11-17",
"url": "https://access.redhat.com/errata/RHSA-2025:21485"
},
{
"category": "external",
"summary": "XEROX Security Advisory XRX25-018 vom 2025-11-18",
"url": "https://security.business.xerox.com/wp-content/uploads/2025/11/Xerox-Security-Bulletin-XRX25-018-Xerox-FreeFlow-Print-Server-v7.pdf"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7251920 vom 2025-11-19",
"url": "https://www.ibm.com/support/pages/node/7251920"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:21485 vom 2025-11-25",
"url": "https://errata.build.resf.org/RLSA-2025:21485"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7884-1 vom 2025-11-25",
"url": "https://ubuntu.com/security/notices/USN-7884-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7885-1 vom 2025-11-25",
"url": "https://ubuntu.com/security/notices/USN-7885-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:22088 vom 2025-11-25",
"url": "https://access.redhat.com/errata/RHSA-2025:22088"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7252217 vom 2025-11-25",
"url": "https://www.ibm.com/support/pages/node/7252217"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7883-1 vom 2025-11-25",
"url": "https://ubuntu.com/security/notices/USN-7883-1"
},
{
"category": "external",
"summary": "Hitachi Vulnerability Information HITACHI-SEC-2025-132 vom 2025-11-26",
"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2025-132/index.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7882-1 vom 2025-11-25",
"url": "https://ubuntu.com/security/notices/USN-7882-1"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7252680 vom 2025-11-26",
"url": "https://www.ibm.com/support/pages/node/7252680"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7252724 vom 2025-11-26",
"url": "https://www.ibm.com/support/pages/node/7252724"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4287-1 vom 2025-11-28",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023427.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:22370 vom 2025-12-01",
"url": "https://access.redhat.com/errata/RHSA-2025:22370"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2025-438 vom 2025-12-01",
"url": "https://www.dell.com/support/kbdoc/de-de/000397455/dsa-2025-438-security-update-for-dell-networker-runtime-environment-multiple-third-party-component-vulnerabilities"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7253241 vom 2025-12-01",
"url": "https://www.ibm.com/support/pages/node/7253241"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7901-1 vom 2025-12-02",
"url": "https://ubuntu.com/security/notices/USN-7901-1"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025-20123-1 vom 2025-12-01",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/GQWF5TZM5GYGLQPAY4CY63R5SDNNGIHF/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025-20125-1 vom 2025-12-01",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SSTB5CP5PLTZBCEI7BMNC646ZLF732WB/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7902-1 vom 2025-12-02",
"url": "https://ubuntu.com/security/notices/USN-7902-1"
},
{
"category": "external",
"summary": "Camunda Security Notices vom 2025-12-01",
"url": "https://docs.camunda.org/security/notices/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7900-1 vom 2025-12-02",
"url": "https://ubuntu.com/security/notices/USN-7900-1"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7253164 vom 2025-12-03",
"url": "https://www.ibm.com/support/pages/node/7253164"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:22672 vom 2025-12-03",
"url": "https://access.redhat.com/errata/RHSA-2025:22672"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-21485 vom 2025-12-04",
"url": "https://linux.oracle.com/errata/ELSA-2025-21485.html"
},
{
"category": "external",
"summary": "PDFreactor ReleaseNotes vom 2025-12-04",
"url": "https://www.pdfreactor.com/pdfreactor-12-4/"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7253912 vom 2025-12-05",
"url": "https://www.ibm.com/support/pages/node/7253912"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7253905 vom 2025-12-09",
"url": "https://www.ibm.com/support/pages/node/7253905"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:21164-1 vom 2025-12-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023503.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:21162-1 vom 2025-12-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023504.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7254734 vom 2025-12-15",
"url": "https://www.ibm.com/support/pages/node/7254734"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7255060 vom 2025-12-17",
"url": "https://www.ibm.com/support/pages/node/7255060"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7255034 vom 2025-12-17",
"url": "https://www.ibm.com/support/pages/node/7255034"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7254158 vom 2025-12-17",
"url": "https://www.ibm.com/support/pages/node/7254158"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7255556 vom 2025-12-22",
"url": "https://www.ibm.com/support/pages/node/7255556"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7255557 vom 2025-12-22",
"url": "https://www.ibm.com/support/pages/node/7255557"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7255734 vom 2025-12-23",
"url": "https://www.ibm.com/support/pages/node/7255734"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7256230 vom 2026-01-05",
"url": "https://www.ibm.com/support/pages/node/7256230"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7256294 vom 2026-01-06",
"url": "https://www.ibm.com/support/pages/node/7256294"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7256323 vom 2026-01-06",
"url": "https://www.ibm.com/support/pages/node/7256323"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7256421 vom 2026-01-07",
"url": "https://www.ibm.com/support/pages/node/7256421"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7256327 vom 2026-01-06",
"url": "https://www.ibm.com/support/pages/node/7256327"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7256321 vom 2026-01-06",
"url": "https://www.ibm.com/support/pages/node/7256321"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7256635 vom 2026-01-09",
"url": "https://www.ibm.com/support/pages/node/7256635"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7256642 vom 2026-01-09",
"url": "https://www.ibm.com/support/pages/node/7256642"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0934 vom 2026-01-22",
"url": "https://access.redhat.com/errata/RHSA-2026:0934"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7257854 vom 2026-01-22",
"url": "https://www.ibm.com/support/pages/node/7257854"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7257796 vom 2026-01-22",
"url": "https://www.ibm.com/support/pages/node/7257796"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7257797 vom 2026-01-22",
"url": "https://www.ibm.com/support/pages/node/7257797"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7257852 vom 2026-01-22",
"url": "https://www.ibm.com/support/pages/node/7257852"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7258201 vom 2026-01-28",
"url": "https://www.ibm.com/support/pages/node/7258201"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7258200 vom 2026-01-28",
"url": "https://www.ibm.com/support/pages/node/7258200"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7258210 vom 2026-01-28",
"url": "https://www.ibm.com/support/pages/node/7258210"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7259319 vom 2026-01-30",
"url": "https://www.ibm.com/support/pages/node/7259319"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-0931 vom 2026-02-10",
"url": "https://linux.oracle.com/errata/ELSA-2026-0931.html"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2026-101 vom 2026-03-07",
"url": "https://www.dell.com/support/kbdoc/000435907"
}
],
"source_lang": "en-US",
"title": "Oracle Java SE: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-03-08T23:00:00.000+00:00",
"generator": {
"date": "2026-03-09T08:26:51.398+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2025-2365",
"initial_release_date": "2025-10-21T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-10-21T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-10-22T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat und European Union Vulnerability Database aufgenommen"
},
{
"date": "2025-10-23T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-10-26T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von openSUSE, Debian, Oracle Linux und NetApp aufgenommen"
},
{
"date": "2025-10-27T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-10-28T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-10-29T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von SUSE und openSUSE aufgenommen"
},
{
"date": "2025-11-02T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von openSUSE, IBM und IBM-APAR aufgenommen"
},
{
"date": "2025-11-03T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-11-05T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von IBM und openSUSE aufgenommen"
},
{
"date": "2025-11-06T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-11-09T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-11-10T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von SUSE und Amazon aufgenommen"
},
{
"date": "2025-11-12T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-11-16T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-11-17T23:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von XEROX aufgenommen"
},
{
"date": "2025-11-19T23:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-11-24T23:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2025-11-25T23:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Red Hat, IBM, Ubuntu und HITACHI aufgenommen"
},
{
"date": "2025-11-26T23:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-11-30T23:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-12-01T23:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von Ubuntu und openSUSE aufgenommen"
},
{
"date": "2025-12-03T23:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von IBM, Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2025-12-07T23:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-12-08T23:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-12-10T23:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-12-15T23:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-12-16T23:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-12-17T23:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von IBM und IBM-APAR aufgenommen"
},
{
"date": "2025-12-21T23:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-12-23T23:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2026-01-05T23:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2026-01-06T23:00:00.000+00:00",
"number": "33",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2026-01-11T23:00:00.000+00:00",
"number": "34",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2026-01-21T23:00:00.000+00:00",
"number": "35",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-01-22T23:00:00.000+00:00",
"number": "36",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2026-01-27T23:00:00.000+00:00",
"number": "37",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2026-02-01T23:00:00.000+00:00",
"number": "38",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2026-02-09T23:00:00.000+00:00",
"number": "39",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-03-08T23:00:00.000+00:00",
"number": "40",
"summary": "Neue Updates von Dell aufgenommen"
}
],
"status": "final",
"version": "40"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c8.472.08.1",
"product": {
"name": "Amazon Corretto \u003c8.472.08.1",
"product_id": "T048031"
}
},
{
"category": "product_version",
"name": "8.472.08.1",
"product": {
"name": "Amazon Corretto 8.472.08.1",
"product_id": "T048031-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:amazon:corretto:8.472.08.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c11.0.29.7.1",
"product": {
"name": "Amazon Corretto \u003c11.0.29.7.1",
"product_id": "T048032"
}
},
{
"category": "product_version",
"name": "11.0.29.7.1",
"product": {
"name": "Amazon Corretto 11.0.29.7.1",
"product_id": "T048032-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:amazon:corretto:11.0.29.7.1"
}
}
}
],
"category": "product_name",
"name": "Corretto"
},
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "Runtime Environment \u003c17.0.3",
"product": {
"name": "Dell NetWorker Runtime Environment \u003c17.0.3",
"product_id": "T048963"
}
},
{
"category": "product_version",
"name": "Runtime Environment 17.0.3",
"product": {
"name": "Dell NetWorker Runtime Environment 17.0.3",
"product_id": "T048963-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:runtime_environment__17.0.3"
}
}
},
{
"category": "product_version_range",
"name": "Runtime Environment \u003c8.0.27",
"product": {
"name": "Dell NetWorker Runtime Environment \u003c8.0.27",
"product_id": "T048964"
}
},
{
"category": "product_version",
"name": "Runtime Environment 8.0.27",
"product": {
"name": "Dell NetWorker Runtime Environment 8.0.27",
"product_id": "T048964-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:runtime_environment__8.0.27"
}
}
},
{
"category": "product_version_range",
"name": "NRE \u003c8.0.28",
"product": {
"name": "Dell NetWorker NRE \u003c8.0.28",
"product_id": "T051479"
}
},
{
"category": "product_version",
"name": "NRE 8.0.28",
"product": {
"name": "Dell NetWorker NRE 8.0.28",
"product_id": "T051479-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:nre__8.0.28"
}
}
},
{
"category": "product_version_range",
"name": "NRE \u003c17.0.4",
"product": {
"name": "Dell NetWorker NRE \u003c17.0.4",
"product_id": "T051480"
}
},
{
"category": "product_version",
"name": "NRE 17.0.4",
"product": {
"name": "Dell NetWorker NRE 17.0.4",
"product_id": "T051480-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:nre__17.0.4"
}
}
}
],
"category": "product_name",
"name": "NetWorker"
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "Hitachi Command Suite",
"product": {
"name": "Hitachi Command Suite",
"product_id": "T038839",
"product_identification_helper": {
"cpe": "cpe:/a:hitachi:command_suite:-"
}
}
},
{
"category": "product_name",
"name": "Hitachi Configuration Manager",
"product": {
"name": "Hitachi Configuration Manager",
"product_id": "T020304",
"product_identification_helper": {
"cpe": "cpe:/a:hitachi:configuration_manager:-"
}
}
},
{
"category": "product_name",
"name": "Hitachi Ops Center",
"product": {
"name": "Hitachi Ops Center",
"product_id": "T038840",
"product_identification_helper": {
"cpe": "cpe:/a:hitachi:ops_center:-"
}
}
}
],
"category": "vendor",
"name": "Hitachi"
},
{
"branches": [
{
"category": "product_name",
"name": "IBM App Connect Enterprise",
"product": {
"name": "IBM App Connect Enterprise",
"product_id": "T032495",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:app_connect_enterprise:-"
}
}
},
{
"branches": [
{
"category": "product_name",
"name": "IBM Business Automation Workflow",
"product": {
"name": "IBM Business Automation Workflow",
"product_id": "T019704",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:-"
}
}
},
{
"category": "product_name",
"name": "IBM Business Automation Workflow",
"product": {
"name": "IBM Business Automation Workflow",
"product_id": "T024464",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:containers"
}
}
}
],
"category": "product_name",
"name": "Business Automation Workflow"
},
{
"branches": [
{
"category": "product_version",
"name": "Query Management Facility",
"product": {
"name": "IBM DB2 Query Management Facility",
"product_id": "T045653",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:db2:query_management_facility"
}
}
},
{
"category": "product_name",
"name": "IBM DB2",
"product": {
"name": "IBM DB2",
"product_id": "T048379",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:db2:-"
}
}
},
{
"category": "product_version",
"name": "Query Management Facility for z/OS",
"product": {
"name": "IBM DB2 Query Management Facility for z/OS",
"product_id": "T049711",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:db2:query_management_facility_for_zos"
}
}
}
],
"category": "product_name",
"name": "DB2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.6.6.0",
"product": {
"name": "IBM DataPower Gateway \u003c10.6.6.0",
"product_id": "T049409"
}
},
{
"category": "product_version",
"name": "10.6.6.0",
"product": {
"name": "IBM DataPower Gateway 10.6.6.0",
"product_id": "T049409-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.6.6.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.5.0.20",
"product": {
"name": "IBM DataPower Gateway \u003c10.5.0.20",
"product_id": "T049410"
}
},
{
"category": "product_version",
"name": "10.5.0.20",
"product": {
"name": "IBM DataPower Gateway 10.5.0.20",
"product_id": "T049410-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.5.0.20"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.6.0.8",
"product": {
"name": "IBM DataPower Gateway \u003c10.6.0.8",
"product_id": "T049411"
}
},
{
"category": "product_version",
"name": "10.6.0.8",
"product": {
"name": "IBM DataPower Gateway 10.6.0.8",
"product_id": "T049411-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.6.0.8"
}
}
}
],
"category": "product_name",
"name": "DataPower Gateway"
},
{
"branches": [
{
"category": "product_version",
"name": "11.7",
"product": {
"name": "IBM InfoSphere Information Server 11.7",
"product_id": "444803",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:infosphere_information_server:11.7"
}
}
}
],
"category": "product_name",
"name": "InfoSphere Information Server"
},
{
"category": "product_name",
"name": "IBM Integration Bus",
"product": {
"name": "IBM Integration Bus",
"product_id": "T011169",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:integration_bus:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.1.5.28",
"product": {
"name": "IBM Java \u003c7.1.5.28",
"product_id": "T048247"
}
},
{
"category": "product_version",
"name": "7.1.5.28",
"product": {
"name": "IBM Java 7.1.5.28",
"product_id": "T048247-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:jre:7.1.5.28"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.0.8.55",
"product": {
"name": "IBM Java \u003c8.0.8.55",
"product_id": "T048248"
}
},
{
"category": "product_version",
"name": "8.0.8.55",
"product": {
"name": "IBM Java 8.0.8.55",
"product_id": "T048248-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:jre:8.0.8.55"
}
}
}
],
"category": "product_name",
"name": "Java"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c9.2.42",
"product": {
"name": "IBM License Metric Tool \u003c9.2.42",
"product_id": "T049203"
}
},
{
"category": "product_version",
"name": "9.2.42",
"product": {
"name": "IBM License Metric Tool 9.2.42",
"product_id": "T049203-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:license_metric_tool:9.2.42"
}
}
}
],
"category": "product_name",
"name": "License Metric Tool"
},
{
"branches": [
{
"category": "product_version",
"name": "9.1",
"product": {
"name": "IBM MQ 9.1",
"product_id": "T014765",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:9.1"
}
}
},
{
"category": "product_version",
"name": "9.2",
"product": {
"name": "IBM MQ 9.2",
"product_id": "T016984",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:9.2"
}
}
},
{
"category": "product_version",
"name": "9.3",
"product": {
"name": "IBM MQ 9.3",
"product_id": "T027879",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:9.3"
}
}
},
{
"category": "product_version",
"name": "9.4",
"product": {
"name": "IBM MQ 9.4",
"product_id": "T035670",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:9.4"
}
}
},
{
"category": "product_version_range",
"name": "Operator \u003cv3.8.1",
"product": {
"name": "IBM MQ Operator \u003cv3.8.1",
"product_id": "T049706"
}
},
{
"category": "product_version",
"name": "Operator v3.8.1",
"product": {
"name": "IBM MQ Operator v3.8.1",
"product_id": "T049706-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:operator_v3.8.1"
}
}
},
{
"category": "product_version_range",
"name": "Operator \u003cv3.2.21",
"product": {
"name": "IBM MQ Operator \u003cv3.2.21",
"product_id": "T049707"
}
},
{
"category": "product_version",
"name": "Operator v3.2.21",
"product": {
"name": "IBM MQ Operator v3.2.21",
"product_id": "T049707-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:operator_v3.2.21"
}
}
},
{
"category": "product_version_range",
"name": "Container \u003c9.4.4.1-r1",
"product": {
"name": "IBM MQ Container \u003c9.4.4.1-r1",
"product_id": "T049708"
}
},
{
"category": "product_version",
"name": "Container 9.4.4.1-r1",
"product": {
"name": "IBM MQ Container 9.4.4.1-r1",
"product_id": "T049708-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:container_9.4.4.1-r1"
}
}
}
],
"category": "product_name",
"name": "MQ"
},
{
"category": "product_name",
"name": "IBM QRadar SIEM",
"product": {
"name": "IBM QRadar SIEM",
"product_id": "T021415",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "9.6",
"product": {
"name": "IBM Rational Application Developer for WebSphere Software 9.6",
"product_id": "T012259",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_application_developer_for_websphere_software:9.6"
}
}
},
{
"category": "product_version",
"name": "9.7",
"product": {
"name": "IBM Rational Application Developer for WebSphere Software 9.7",
"product_id": "T013505",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_application_developer_for_websphere_software:9.7"
}
}
},
{
"category": "product_version",
"name": "10",
"product": {
"name": "IBM Rational Application Developer for WebSphere Software 10.0",
"product_id": "T047534",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_application_developer_for_websphere_software:10.0"
}
}
}
],
"category": "product_name",
"name": "Rational Application Developer for WebSphere Software"
},
{
"category": "product_name",
"name": "IBM Rational Business Developer",
"product": {
"name": "IBM Rational Business Developer",
"product_id": "T025611",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_business_developer:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "9.6",
"product": {
"name": "IBM Rational Software Architect 9.6",
"product_id": "T009891",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_software_architect:9.6"
}
}
},
{
"category": "product_version",
"name": "9.7",
"product": {
"name": "IBM Rational Software Architect 9.7",
"product_id": "T049700",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_software_architect:9.7"
}
}
},
{
"category": "product_version",
"name": "10",
"product": {
"name": "IBM Rational Software Architect 10.0",
"product_id": "T049701",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_software_architect:10.0"
}
}
}
],
"category": "product_name",
"name": "Rational Software Architect"
},
{
"category": "product_name",
"name": "IBM SPSS",
"product": {
"name": "IBM SPSS",
"product_id": "T037766",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spss:collaboration_and_deployment_services"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cv10.0.9.1",
"product": {
"name": "IBM Security Verify Access \u003cv10.0.9.1",
"product_id": "T049459"
}
},
{
"category": "product_version",
"name": "v10.0.9.1",
"product": {
"name": "IBM Security Verify Access v10.0.9.1",
"product_id": "T049459-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_verify_access:v10.0.9.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c11.0.2",
"product": {
"name": "IBM Security Verify Access \u003c11.0.2",
"product_id": "T049460"
}
},
{
"category": "product_version",
"name": "11.0.2",
"product": {
"name": "IBM Security Verify Access 11.0.2",
"product_id": "T049460-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_verify_access:11.0.2"
}
}
}
],
"category": "product_name",
"name": "Security Verify Access"
},
{
"category": "product_name",
"name": "IBM Semeru Runtime",
"product": {
"name": "IBM Semeru Runtime",
"product_id": "T048255",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:semeru_runtime:-"
}
}
},
{
"branches": [
{
"category": "product_name",
"name": "IBM Sterling Connect:Direct",
"product": {
"name": "IBM Sterling Connect:Direct",
"product_id": "T045428",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:sterling_connect%3adirect:-"
}
}
},
{
"category": "product_version_range",
"name": "\u003c6.3.0.16",
"product": {
"name": "IBM Sterling Connect:Direct \u003c6.3.0.16",
"product_id": "T049469"
}
},
{
"category": "product_version",
"name": "6.3.0.16",
"product": {
"name": "IBM Sterling Connect:Direct 6.3.0.16",
"product_id": "T049469-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:sterling_connect%3adirect:6.3.0.16"
}
}
},
{
"category": "product_version_range",
"name": "\u003c6.4.0.5",
"product": {
"name": "IBM Sterling Connect:Direct \u003c6.4.0.5",
"product_id": "T049470"
}
},
{
"category": "product_version",
"name": "6.4.0.5",
"product": {
"name": "IBM Sterling Connect:Direct 6.4.0.5",
"product_id": "T049470-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:sterling_connect%3adirect:6.4.0.5"
}
}
},
{
"category": "product_version_range",
"name": "\u003c1.4.0.5_iFix001",
"product": {
"name": "IBM Sterling Connect:Direct \u003c1.4.0.5_iFix001",
"product_id": "T049625"
}
},
{
"category": "product_version",
"name": "1.4.0.5_iFix001",
"product": {
"name": "IBM Sterling Connect:Direct 1.4.0.5_iFix001",
"product_id": "T049625-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:sterling_connect%3adirect:1.4.0.5_ifix001"
}
}
},
{
"category": "product_version_range",
"name": "\u003c1.4.0.5_iFix002",
"product": {
"name": "IBM Sterling Connect:Direct \u003c1.4.0.5_iFix002",
"product_id": "T049626"
}
},
{
"category": "product_version",
"name": "1.4.0.5_iFix002",
"product": {
"name": "IBM Sterling Connect:Direct 1.4.0.5_iFix002",
"product_id": "T049626-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:sterling_connect%3adirect:1.4.0.5_ifix002"
}
}
}
],
"category": "product_name",
"name": "Sterling Connect:Direct"
},
{
"branches": [
{
"category": "product_version",
"name": "multiplatforms",
"product": {
"name": "IBM TXSeries multiplatforms",
"product_id": "T045090",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:txseries:multiplatforms"
}
}
}
],
"category": "product_name",
"name": "TXSeries"
},
{
"category": "product_name",
"name": "IBM Tivoli Key Lifecycle Manager",
"product": {
"name": "IBM Tivoli Key Lifecycle Manager",
"product_id": "T026238",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_key_lifecycle_manager:-"
}
}
},
{
"category": "product_name",
"name": "IBM Tivoli Monitoring",
"product": {
"name": "IBM Tivoli Monitoring",
"product_id": "T011128",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_monitoring:-"
}
}
},
{
"branches": [
{
"category": "product_name",
"name": "IBM Tivoli Netcool/OMNIbus",
"product": {
"name": "IBM Tivoli Netcool/OMNIbus",
"product_id": "T004181",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_netcool%2fomnibus:-"
}
}
},
{
"category": "product_version",
"name": "8.1.0",
"product": {
"name": "IBM Tivoli Netcool/OMNIbus 8.1.0",
"product_id": "T048745",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0"
}
}
}
],
"category": "product_name",
"name": "Tivoli Netcool/OMNIbus"
},
{
"category": "product_name",
"name": "IBM Tivoli Network Manager",
"product": {
"name": "IBM Tivoli Network Manager",
"product_id": "T012578",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_network_manager:ip_edition"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "8.5",
"product": {
"name": "IBM WebSphere Application Server 8.5",
"product_id": "703851",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:websphere_application_server:8.5"
}
}
},
{
"category": "product_version",
"name": "9",
"product": {
"name": "IBM WebSphere Application Server 9.0",
"product_id": "703852",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:websphere_application_server:9.0"
}
}
},
{
"category": "product_version",
"name": "liberty",
"product": {
"name": "IBM WebSphere Application Server liberty",
"product_id": "T008337",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:websphere_application_server:liberty"
}
}
}
],
"category": "product_name",
"name": "WebSphere Application Server"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "NetApp ActiveIQ Unified Manager",
"product": {
"name": "NetApp ActiveIQ Unified Manager",
"product_id": "T037607",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:active_iq_unified_manager:-"
}
}
}
],
"category": "vendor",
"name": "NetApp"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.24.1",
"product": {
"name": "Open Source Camunda \u003c7.24.1",
"product_id": "T048978"
}
},
{
"category": "product_version",
"name": "7.24.1",
"product": {
"name": "Open Source Camunda 7.24.1",
"product_id": "T048978-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:camunda:camunda:7.24.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.23.7",
"product": {
"name": "Open Source Camunda \u003c7.23.7",
"product_id": "T048979"
}
},
{
"category": "product_version",
"name": "7.23.7",
"product": {
"name": "Open Source Camunda 7.23.7",
"product_id": "T048979-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:camunda:camunda:7.23.7"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.22.10",
"product": {
"name": "Open Source Camunda \u003c7.22.10",
"product_id": "T048980"
}
},
{
"category": "product_version",
"name": "7.22.10",
"product": {
"name": "Open Source Camunda 7.22.10",
"product_id": "T048980-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:camunda:camunda:7.22.10"
}
}
}
],
"category": "product_name",
"name": "Camunda"
},
{
"category": "product_name",
"name": "Open Source OpenJDK",
"product": {
"name": "Open Source OpenJDK",
"product_id": "580789",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:openjdk:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "11.0.28",
"product": {
"name": "Oracle Java SE 11.0.28",
"product_id": "T047923",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:java_se:11.0.28"
}
}
},
{
"category": "product_version",
"name": "17.0.16",
"product": {
"name": "Oracle Java SE 17.0.16",
"product_id": "T047924",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:java_se:17.0.16"
}
}
},
{
"category": "product_version",
"name": "21.0.8",
"product": {
"name": "Oracle Java SE 21.0.8",
"product_id": "T047925",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:java_se:21.0.8"
}
}
},
{
"category": "product_version",
"name": "8u461-b50",
"product": {
"name": "Oracle Java SE 8u461-b50",
"product_id": "T047961",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:java_se:8u461-b50"
}
}
},
{
"category": "product_version",
"name": "8u461-perf",
"product": {
"name": "Oracle Java SE 8u461-perf",
"product_id": "T047962",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:java_se:8u461-perf"
}
}
},
{
"category": "product_version",
"name": "8u461",
"product": {
"name": "Oracle Java SE 8u461",
"product_id": "T047963",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:java_se:8u461"
}
}
},
{
"category": "product_version",
"name": "GraalVM for JDK 17.0.16",
"product": {
"name": "Oracle Java SE GraalVM for JDK 17.0.16",
"product_id": "T047965",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:java_se:graalvm_for_jdk_17.0.16"
}
}
},
{
"category": "product_version",
"name": "GraalVM for JDK 21.0.8",
"product": {
"name": "Oracle Java SE GraalVM for JDK 21.0.8",
"product_id": "T047966",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:java_se:graalvm_for_jdk_21.0.8"
}
}
},
{
"category": "product_version",
"name": "GraalVM Enterprise Edition 21.3.15",
"product": {
"name": "Oracle Java SE GraalVM Enterprise Edition 21.3.15",
"product_id": "T047968",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:java_se:graalvm_enterprise_edition_21.3.15"
}
}
}
],
"category": "product_name",
"name": "Java SE"
},
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c12.4",
"product": {
"name": "RealObjects PDFreactor \u003c12.4",
"product_id": "T049106"
}
},
{
"category": "product_version",
"name": "12.4",
"product": {
"name": "RealObjects PDFreactor 12.4",
"product_id": "T049106-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:realobjects:pdfreactor:12.4"
}
}
}
],
"category": "product_name",
"name": "PDFreactor"
}
],
"category": "vendor",
"name": "RealObjects"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "v7",
"product": {
"name": "Xerox FreeFlow Print Server v7",
"product_id": "T035098",
"product_identification_helper": {
"cpe": "cpe:/a:xerox:freeflow_print_server:v7"
}
}
}
],
"category": "product_name",
"name": "FreeFlow Print Server"
}
],
"category": "vendor",
"name": "Xerox"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-31257",
"product_status": {
"known_affected": [
"T013505",
"T011169",
"T011128",
"T049460",
"T012259",
"T012578",
"T035098",
"T004914",
"703851",
"703852",
"T038840",
"T047966",
"T048979",
"T047923",
"T048978",
"T049626",
"T047965",
"T049625",
"T045428",
"T049708",
"T021415",
"T047924",
"T047968",
"T049707",
"T027879",
"T047925",
"T049706",
"T048255",
"398363",
"T025611",
"T047962",
"T049701",
"T047963",
"T049700",
"T049106",
"T049469",
"T048379",
"T047961",
"T037607",
"T045090",
"T037766",
"2951",
"T002207",
"444803",
"T019704",
"T027843",
"T049411",
"T049410",
"T004181",
"T026238",
"T048964",
"T049459",
"T048248",
"T048963",
"T045653",
"T048247",
"T008337",
"T051480",
"T048032",
"67646",
"T048031",
"T035670",
"T020304",
"T049409",
"T024464",
"T049203",
"T038839",
"T049470",
"T014765",
"T016984",
"T051479",
"T032255",
"T032495",
"T048745",
"T000126",
"580789",
"T009891",
"T048980",
"T047534",
"T049711"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2025-31257"
},
{
"cve": "CVE-2025-53057",
"product_status": {
"known_affected": [
"T013505",
"T011169",
"T011128",
"T049460",
"T012259",
"T012578",
"T035098",
"T004914",
"703851",
"703852",
"T038840",
"T047966",
"T048979",
"T047923",
"T048978",
"T049626",
"T047965",
"T049625",
"T045428",
"T049708",
"T021415",
"T047924",
"T047968",
"T049707",
"T027879",
"T047925",
"T049706",
"T048255",
"398363",
"T025611",
"T047962",
"T049701",
"T047963",
"T049700",
"T049106",
"T049469",
"T048379",
"T047961",
"T037607",
"T045090",
"T037766",
"2951",
"T002207",
"444803",
"T019704",
"T027843",
"T049411",
"T049410",
"T004181",
"T026238",
"T048964",
"T049459",
"T048248",
"T048963",
"T045653",
"T048247",
"T008337",
"T051480",
"T048032",
"67646",
"T048031",
"T035670",
"T020304",
"T049409",
"T024464",
"T049203",
"T038839",
"T049470",
"T014765",
"T016984",
"T051479",
"T032255",
"T032495",
"T048745",
"T000126",
"580789",
"T009891",
"T048980",
"T047534",
"T049711"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2025-53057"
},
{
"cve": "CVE-2025-53066",
"product_status": {
"known_affected": [
"T013505",
"T011169",
"T011128",
"T049460",
"T012259",
"T012578",
"T035098",
"T004914",
"703851",
"703852",
"T038840",
"T047966",
"T048979",
"T047923",
"T048978",
"T049626",
"T047965",
"T049625",
"T045428",
"T049708",
"T021415",
"T047924",
"T047968",
"T049707",
"T027879",
"T047925",
"T049706",
"T048255",
"398363",
"T025611",
"T047962",
"T049701",
"T047963",
"T049700",
"T049106",
"T049469",
"T048379",
"T047961",
"T037607",
"T045090",
"T037766",
"2951",
"T002207",
"444803",
"T019704",
"T027843",
"T049411",
"T049410",
"T004181",
"T026238",
"T048964",
"T049459",
"T048248",
"T048963",
"T045653",
"T048247",
"T008337",
"T051480",
"T048032",
"67646",
"T048031",
"T035670",
"T020304",
"T049409",
"T024464",
"T049203",
"T038839",
"T049470",
"T014765",
"T016984",
"T051479",
"T032255",
"T032495",
"T048745",
"T000126",
"580789",
"T009891",
"T048980",
"T047534",
"T049711"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2025-53066"
},
{
"cve": "CVE-2025-61748",
"product_status": {
"known_affected": [
"T013505",
"T011169",
"T011128",
"T049460",
"T012259",
"T012578",
"T035098",
"T004914",
"703851",
"703852",
"T038840",
"T047966",
"T048979",
"T047923",
"T048978",
"T049626",
"T047965",
"T049625",
"T045428",
"T049708",
"T021415",
"T047924",
"T047968",
"T049707",
"T027879",
"T047925",
"T049706",
"T048255",
"398363",
"T025611",
"T047962",
"T049701",
"T047963",
"T049700",
"T049106",
"T049469",
"T048379",
"T047961",
"T037607",
"T045090",
"T037766",
"2951",
"T002207",
"444803",
"T019704",
"T027843",
"T049411",
"T049410",
"T004181",
"T026238",
"T048964",
"T049459",
"T048248",
"T048963",
"T045653",
"T048247",
"T008337",
"T051480",
"T048032",
"67646",
"T048031",
"T035670",
"T020304",
"T049409",
"T024464",
"T049203",
"T038839",
"T049470",
"T014765",
"T016984",
"T051479",
"T032255",
"T032495",
"T048745",
"T000126",
"580789",
"T009891",
"T048980",
"T047534",
"T049711"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2025-61748"
},
{
"cve": "CVE-2025-61755",
"product_status": {
"known_affected": [
"T013505",
"T011169",
"T011128",
"T049460",
"T012259",
"T012578",
"T035098",
"T004914",
"703851",
"703852",
"T038840",
"T047966",
"T048979",
"T047923",
"T048978",
"T049626",
"T047965",
"T049625",
"T045428",
"T049708",
"T021415",
"T047924",
"T047968",
"T049707",
"T027879",
"T047925",
"T049706",
"T048255",
"398363",
"T025611",
"T047962",
"T049701",
"T047963",
"T049700",
"T049106",
"T049469",
"T048379",
"T047961",
"T037607",
"T045090",
"T037766",
"2951",
"T002207",
"444803",
"T019704",
"T027843",
"T049411",
"T049410",
"T004181",
"T026238",
"T048964",
"T049459",
"T048248",
"T048963",
"T045653",
"T048247",
"T008337",
"T051480",
"T048032",
"67646",
"T048031",
"T035670",
"T020304",
"T049409",
"T024464",
"T049203",
"T038839",
"T049470",
"T014765",
"T016984",
"T051479",
"T032255",
"T032495",
"T048745",
"T000126",
"580789",
"T009891",
"T048980",
"T047534",
"T049711"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2025-61755"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…